CVE-2024-35162 – Download Plugins and Themes from Dashboard <= 1.8.5 - Authenticated (Admin+) Arbitrary File Download
https://notcve.org/view.php?id=CVE-2024-35162
A path traversal vulnerability exists in Download Plugins and Themes from Dashboard versions prior to 1.8.6. If this vulnerability is exploited, a remote authenticated attacker with the "switch_themes" privilege may obtain arbitrary files on the server. The Download Plugins and Themes in ZIP from Dashboard plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.5 via the download_theme function.
• References: https://jvn.jp/en/jp/JVN85380030, https://wordpress.org/plugins/download-plugins-dashboard
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-31276 – WordPress Products, Order & Customers Export for WooCommerce plugin <= 2.0.8 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-31276
Missing Authorization vulnerability in WPFactory Products, Order & Customers Export for WooCommerce. This issue affects Products, Order & Customers Export for WooCommerce: from n/a through 2.0.8. The Products, Order & Customers Export for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on the alg_wc_export_admin_product_preview and alg_wc_export_admin_product_change_date_filter functions in all versions up to, and including, 2.0.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to export product features and change date filters.
• References: https://patchstack.com/database/vulnerability/export-woocommerce/wordpress-products-order-customers-export-for-woocommerce-plugin-2-0-8-broken-access-control-vulnerability?_s_id=cve
• CWE-862: Missing Authorization
CVE-2023-51399 – WordPress Back Button Widget Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-51399
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back Button Widget allows Stored XSS. This issue affects Back Button Widget: from n/a through 1.6.3. The Back Button Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts into pages that will execute whenever a user accesses an injected page.
• References: https://patchstack.com/database/vulnerability/back-button-widget/wordpress-back-button-widget-plugin-1-6-3-cross-site-scripting-xss-vulnerability?_s_id=cve
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-47547 – WordPress Products, Order & Customers Export for WooCommerce Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-47547
Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in WPFactory Products, Order & Customers Export for WooCommerce plugin versions <= 2.0.7. The Products, Order & Customers Export for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via multiple date range parameters in versions up to, and including, 2.0.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts into pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
• References: https://patchstack.com/database/vulnerability/export-woocommerce/wordpress-products-order-customers-export-for-woocommerce-plugin-2-0-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-4947 – WooCommerce EAN Payment Gateway < 6.1.0 - Missing Authorization to Authenticated (Contributor+) EAN Update
https://notcve.org/view.php?id=CVE-2023-4947
The WooCommerce EAN Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the refresh_order_ean_data AJAX action in versions up to 6.1.0. This makes it possible for authenticated attackers with contributor-level access and above to update EAN numbers for orders.
• References: https://plugins.yanco.dk/product/woocommerce-ean-payment-gateway, https://www.wordfence.com/threat-intel/vulnerabilities/id/2760b183-3c15-4f0e-b72f-7c0333f9d4b6?source=cve
• CWE-862: Missing Authorization