Page 17 of 299 results (0.005 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

27 Dec 2023 — Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses.This issue affects WooCommerce Ship to Multiple Addresses: from n/a through 3.8.9. Vulnerabilidad de autorización faltante en Woo WooCommerce Ship to Multiple Addresses. Este problema afecta a WooCommerce Ship to Multiple Addresses: desde n/a hasta 3.8.9. The WooCommerce Ship to Multiple Addresses plugin for WordPress is vulnerable to unauthorized action due to a missing capability check on a function in versions up to, and in... • https://patchstack.com/database/vulnerability/woocommerce-shipping-multiple-addresses/wordpress-woocommerce-ship-to-multiple-addresses-plugin-3-8-9-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

27 Dec 2023 — Missing Authorization vulnerability in WooCommerce WooCommerce Shipping Per Product.This issue affects WooCommerce Shipping Per Product: from n/a through 2.5.4. Vulnerabilidad de autorización faltante en WooCommerce WooCommerce Shipping Per Product. Este problema afecta el envío por producto de WooCommerce: desde n/a hasta 2.5.4. The WooCommerce Shipping Per Product plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 2.5... • https://patchstack.com/database/vulnerability/woocommerce-shipping-per-product/wordpress-woocommerce-shipping-per-product-plugin-2-5-4-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

27 Dec 2023 — Improper Authentication vulnerability in Pluggabl LLC Booster Elite for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.3. Vulnerabilidad de autenticación incorrecta en Pluggabl LLC Booster Elite para WooCommerce permite acceder a funciones que no están correctamente restringidas por las ACL. Este problema afecta a Booster Elite para WooCommerce: desde n/a antes de 7.1.3. The Booster Elite for WooCommerce plugi... • https://patchstack.com/database/vulnerability/booster-elite-for-woocommerce/wordpress-booster-elite-for-woocommerce-plugin-7-1-3-authenticated-production-creation-modification-vulnerability?_s_id=cve • CWE-285: Improper Authorization CWE-287: Improper Authentication •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

27 Dec 2023 — Improper Privilege Management vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Privilege Escalation.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.2.1. Una vulnerabilidad de gestión de privilegios incorrecta en WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Label permite la escalada de privilegios. Este problema afecta a WooCommerce PDF Invoices, Pa... • https://patchstack.com/database/vulnerability/print-invoices-packing-slip-labels-for-woocommerce/wordpress-woocommerce-pdf-invoices-packing-slips-delivery-notes-and-shipping-labels-plugin-4-2-1-privilege-escalation-vulnerability?_s_id=cve • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

27 Dec 2023 — Missing Authorization vulnerability in BulkGate BulkGate SMS Plugin for WooCommerce.This issue affects BulkGate SMS Plugin for WooCommerce: from n/a through 3.0.2. Vulnerabilidad de autorización faltante en BulkGate BulkGate SMS Plugin for WooCommerce. Este problema afecta a BulkGate SMS Plugin for WooCommerce: desde n/a hasta 3.0.2. The BulkGate SMS Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions hooked via AJAX in vers... • https://patchstack.com/database/vulnerability/woosms-sms-module-for-woocommerce/wordpress-bulkgate-sms-plugin-for-woocommerce-plugin-3-0-2-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

27 Dec 2023 — Missing Authorization vulnerability in CusRev Customer Reviews for WooCommerce.This issue affects Customer Reviews for WooCommerce: from n/a through 5.38.1. Vulnerabilidad de autorización faltante en CusRev Customer Reviews for WooCommerce. Este problema afecta a las Reseñas de clientes de WooCommerce: desde n/a hasta 5.38.1. The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple functions in the 'CR_Manual' ... • https://patchstack.com/database/vulnerability/customer-reviews-woocommerce/wordpress-customer-reviews-for-woocommerce-plugin-5-38-1-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

27 Dec 2023 — Missing Authorization vulnerability in Woo WooCommerce Canada Post Shipping.This issue affects WooCommerce Canada Post Shipping: from n/a through 2.8.3. Vulnerabilidad de autorización faltante en Woo WooCommerce Canada Post Shipping. Este problema afecta a WooCommerce Canada Post Shipping: desde n/a hasta 2.8.3. The WooCommerce Canada Post Shipping plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 2.8.3. This makes it ... • https://patchstack.com/database/vulnerability/woocommerce-shipping-canada-post/wordpress-woocommerce-canada-post-shipping-plugin-2-8-3-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

27 Dec 2023 — Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. Vulnerabilidad de autorización faltante en Woo WooCommerce Warranty Requests. Este problema afecta a WooCommerce Warranty Requests: desde n/a hasta 2.2.7. The WooCommerce Warranty Requests plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 2.2.7. This makes it possible for un... • https://patchstack.com/database/vulnerability/woocommerce-warranty/wordpress-woocommerce-warranty-requests-plugin-2-2-7-broken-access-control-vulnerability-2?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0

26 Dec 2023 — Missing Authorization vulnerability in MultiVendorX WC Marketplace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WC Marketplace: from n/a through 4.0.23. The WC Marketplace plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mvx_save_dashpages' function in versions up to, and including, 4.0.23. This makes it possible for unauthenticated attackers to update the plugin's settings. • https://patchstack.com/database/wordpress/plugin/dc-woocommerce-multi-vendor/vulnerability/wordpress-multivendorx-plugin-4-0-23-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

26 Dec 2023 — Cross-Site Request Forgery (CSRF) vulnerability in SysBasics Customize My Account for WooCommerce.This issue affects Customize My Account for WooCommerce: from n/a through 1.8.3. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en SysBasics Customize My Account for WooCommerce. Este problema afecta a Customize My Account for WooCommerce: desde n/a hasta 1.8.3. The Customize My Account for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.3.... • https://patchstack.com/database/vulnerability/customize-my-account-for-woocommerce/wordpress-customize-my-account-for-woocommerce-plugin-1-8-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •