CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49840 – WordPress Multi Currency For WooCommerce Plugin <= 1.5.5 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-49840
Cross-Site Request Forgery (CSRF) vulnerability in Palscode Multi Currency For WooCommerce.This issue affects Multi Currency For WooCommerce: from n/a through 1.5.5. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Palscode Multi Currency para WooCommerce. Este problema afecta a Multi Currency para WooCommerce: desde n/a hasta 1.5.5. The Multi Currency For WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.5. This is due to missing or incorrect nonce validation on an unknown function. • https://patchstack.com/database/vulnerability/wc-multi-currency/wordpress-multi-currency-for-woocommerce-plugin-1-5-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-4376 – WooCommerce Multi Currency <= 2.1.17 - Missing Authorization
https://notcve.org/view.php?id=CVE-2021-4376
The WooCommerce Multi Currency plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.17. This makes it possible for authenticated attackers to change the price of a product to an arbitrary value. El plugin WooCommerce Multi Currency para WordPress es vulnerable a una falta de autorización en versiones hasta la v2.1.17 inclusive. Esto hace posible que atacantes autenticados cambien el precio de un producto a un valor arbitrario. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2734576%40woo-multi-currency&new=2734576%40woo-multi-currency&sfp_email=&sfph_mail= https://wordpress.org/plugins/woo-multi-currency/#developers https://wpscan.com/vulnerability/480125bc-bab3-45b8-9325-a4d406655a61 https://www.wordfence.com/threat-intel/vulnerabilities/id/d8a490c6-14c1-4c71-b44c-1e362cc892a8?source=cve • CWE-862: Missing Authorization •