CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8499 – Checkout Field Editor (Checkout Manager) for WooCommerce <= 2.0.3 - Reflected Cross-Site Scripting via render_review_request_notice
https://notcve.org/view.php?id=CVE-2024-8499
The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘render_review_request_notice’ function in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://plugins.trac.wordpress.org/browser/woo-checkout-field-editor-pro/trunk/admin/class-thwcfd-admin.php#L426 https://plugins.trac.wordpress.org/changeset/3160299 https://www.wordfence.com/threat-intel/vulnerabilities/id/81eb8963-548f-4e94-83bd-266a19c09aab?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35658 – WordPress Checkout Field Editor for WooCommerce (Pro) plugin <= 3.6.2 - Unauthenticated Arbitrary File Deletion vulnerability
https://notcve.org/view.php?id=CVE-2024-35658
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeHigh Checkout Field Editor for WooCommerce (Pro) allows Functionality Misuse, File Manipulation.This issue affects Checkout Field Editor for WooCommerce (Pro): from n/a through 3.6.2. La limitación inadecuada de un nombre de ruta a una vulnerabilidad de directorio restringido ("Path Traversal") en ThemeHigh Checkout Field Editor para WooCommerce (Pro) permite el uso indebido de la funcionalidad y la manipulación de archivos. Este problema afecta al Checkout Field Editor para WooCommerce (Pro): desde n/a hasta 3.6.2. The Checkout Field Editor for WooCommerce (Pro) plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 3.6.2. This is due to the plugin not properly validating a file or it's path prior to deleting it. • https://patchstack.com/database/vulnerability/woocommerce-checkout-field-editor-pro/wordpress-checkout-field-editor-for-woocommerce-pro-plugin-3-6-2-unauthenticated-arbitrary-file-deletion-vulnerability?_s_id=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51545 – WordPress Job Manager & Career Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection
https://notcve.org/view.php?id=CVE-2023-51545
Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in ThemeHigh Job Manager & Career – Manage job board listings, and recruitments.This issue affects Job Manager & Career – Manage job board listings, and recruitments: from n/a through 1.4.4. Vulnerabilidad de Cross-Site Request Forgery (CSRF) y deserialización de datos no confiables en ThemeHigh Job Manager & Career – Manage job board listings, and recruitments. Este problema afecta a Job Manager & Career – Manage job board listings, and recruitments: desde n/a hasta 1.4.4. The Job Manager & Career – Manage job board listings, and recruitments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.4. This is due to missing or incorrect nonce validation on the save_plugin_settings() function. • https://patchstack.com/database/vulnerability/job-manager-career/wordpress-job-manager-career-plugin-1-4-4-cross-site-request-forgery-csrf-to-php-object-injection-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5906 – Job Manager & Career < 1.4.4 - Directory listing to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-5906
The Job Manager & Career WordPress plugin before 1.4.4 contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to confidential data and files of other users without their permission. El complemento Job Manager & Career de WordPress anterior a 1.4.4 contiene una vulnerabilidad en el sistema de listados de directorios, que permite a un usuario no autorizado ver y descargar archivos privados de otros usuarios. Esta vulnerabilidad plantea una grave amenaza a la seguridad porque permite a un atacante obtener acceso a datos y archivos confidenciales de otros usuarios sin su permiso. The Job Manager & Career – Manage job board listings, and recruitments plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.3 in cases where directory listing is enabled. • https://wpscan.com/vulnerability/911d495c-3867-4259-a73a-572cd4fccdde • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3490 – Checkout Field Editor for WooCommerce < 1.8.0 - Admin+ PHP Object Injection
https://notcve.org/view.php?id=CVE-2022-3490
The Checkout Field Editor (Checkout Manager) for WooCommerce WordPress plugin before 1.8.0 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present El complemento Checkout Field Editor (Checkout Manager) de WooCommerce para WordPress anterior a 1.8.0 deserializa la entrada del usuario proporcionada a través de la configuración, lo que podría permitir a usuarios con privilegios elevados, como el administrador, realizar inyección de objetos PHP cuando hay un dispositivo adecuado presente. The Checkout Field Editor plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.7.2 via deserialization of untrusted input from the 'save_plugin_settings' function and the 'i_settings_data' parameter. This allows administrator-level attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. • https://wpscan.com/vulnerability/0c9f22e0-1d46-4957-9ba5-5cca78861136 • CWE-502: Deserialization of Untrusted Data •