4 matches found
CVE-2022-0215
The CVE-2022-0215 issue affects three WordPress plugins by XootiX: Login/Signup Popup, Side Cart Woocommerce, and Waitlist Woocommerce. Root cause is a Cross-Site Request Forgery (CSRF) vulnerability in the save_settings function within ~/includes/xoo-framework/admin/class-xoo-admin-settings.php,...
CVE-2024-5324
CVE-2024-5324 affects the WordPress plugin Login/Signup Popup (Inline Form + Woocommerce). Versions 2.7.1–2.7.2 lack a capability check in import_settings, allowing authenticated users with Subscriber-level access and above to modify arbitrary options, enabling new user registrations and potentia...
CVE-2022-45376
The CVE-2022-45376 entry concerns the WordPress plugin XootiX Side Cart Woocommerce (Ajax)
CVE-2023-28415
The CVE-2023-28415 entry concerns the WordPress Side Cart Woocommerce (Ajax) plugin (Admin+ stored XSS). Affected versions are