CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52221 – WordPress Barcode Scanner with Inventory & Order Manager Plugin <= 1.5.1 is vulnerable to Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2023-52221
08 Jan 2024 — Unrestricted Upload of File with Dangerous Type vulnerability in UkrSolution Barcode Scanner and Inventory manager.This issue affects Barcode Scanner and Inventory manager: from n/a through 1.5.1. Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en UkrSolution Barcode Scanner y Inventory Manager. Este problema afecta a Barcode Scanner y Inventory Manager: desde n/a hasta 1.5.1. The Simple Inventory Management – just scan barcode to manage products and orders. For WooCommerce plugin f... • https://patchstack.com/database/vulnerability/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders/wordpress-barcode-scanner-with-inventory-order-manager-plugin-1-5-1-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52215 – WordPress Barcode Scanner with Inventory & Order Manager Plugin <=1.5.1 is vulnerable to SQL Injection
https://notcve.org/view.php?id=CVE-2023-52215
08 Jan 2024 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in UkrSolution Simple Inventory Management – just scan barcode to manage products and orders. For WooCommerce.This issue affects Simple Inventory Management – just scan barcode to manage products and orders. For WooCommerce: from n/a through 1.5.1. Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyección SQL') en UkrSolution Simple Inventory Management: simp... • https://patchstack.com/database/vulnerability/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders/wordpress-barcode-scanner-with-inventory-order-manager-plugin-1-5-1-unauthenticated-sql-injection-vulnerability?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •