CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-1743 – WooCommerce Customers Manager < 29.8 - Reflected XSS
https://notcve.org/view.php?id=CVE-2024-1743
The WooCommerce Customers Manager WordPress plugin before 29.8 does not sanitise and escape various parameters before outputting them back in pages and attributes, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin El complemento de WordPress WooCommerce Customers Manager anterior a la versión 29.8 no sanitiza ni escapa de varios parámetros antes de devolverlos a páginas y atributos, lo que genera Cross-Site Scripting Reflejado que podría usarse contra usuarios con privilegios elevados, como administradores. The WooCommerce Customers Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to 29.8 (exclusive) due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/3cb1f707-6093-42a7-a778-2b296bdf1735 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-1756 – WooCommerce Customers Manager < 29.8 - Subscriber+ Email Disclosure
https://notcve.org/view.php?id=CVE-2024-1756
The WooCommerce Customers Manager WordPress plugin before 29.8 does not have authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber, to call it and retrieve the list of customer email addresses along with their id, first name and last name El complemento WooCommerce Customers Manager de WordPress anterior a 29.8 no tiene autorización ni CSRF en una acción AJAX, lo que permite a cualquier usuario autenticado, como un suscriptor, llamarlo y recuperar la lista de direcciones de correo electrónico de los clientes junto con su identificación, nombre y apellido. The WooCommerce Customers Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wccm_get_customers_list AJAX action in all versions up to, and including, 29.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve a list of customers and their data. • https://wpscan.com/vulnerability/0baedd8d-2bbe-4091-bec4-f99e25d7290d • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-1310 – WooCommerce < 8.6 - Contributor+ Private/Draft Products Access
https://notcve.org/view.php?id=CVE-2024-1310
The WooCommerce WordPress plugin before 8.6 does not prevent users with at least the contributor role from leaking products they shouldn't have access to. (e.g. private, draft and trashed products) El complemento WooCommerce WordPress anterior a 8.6 no impide que los usuarios con al menos el rol de colaborador filtren productos a los que no deberían tener acceso. (por ejemplo, productos privados, borradores y desechados) The WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to insufficient restrictions in the product shortcode in all versions up to, and including, 8.5.2. This makes it possible for authenticated attackers, with contributor-level access and above, to view private and draft products. • https://wpscan.com/vulnerability/a7735feb-876e-461c-9a56-ea6067faf277 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 2CVE-2024-0399 – WooCommerce Customers Manager < 29.7 - Subscriber+ SQL Injection
https://notcve.org/view.php?id=CVE-2024-0399
The WooCommerce Customers Manager WordPress plugin before 29.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to an SQL injection exploitable by Subscriber+ role. El complemento WooCommerce Customers Manager de WordPress anterior a la versión 29.7 no sanitiza ni escapa adecuadamente un parámetro antes de usarlo en una declaración SQL, lo que genera una inyección de SQL explotable por el rol Suscriptor+. The WooCommerce Customers Manager plugin for WordPress is vulnerable to SQL Injection via the 'max_amount_total' parameter in all versions up to, and including, 29.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://github.com/xbz0n/CVE-2024-0399 https://wpscan.com/vulnerability/1550e30c-bf80-48e0-bc51-67d29ebe7272 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0881 – Combo Blocks < 2.2.76 - Unauthenticated Password Protected Posts Access
https://notcve.org/view.php?id=CVE-2024-0881
The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not prevent password protected posts from being displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to read such posts El complemento Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel de WordPress anterior a 2.2.76 no impide que se muestren publicaciones protegidas con contraseña como resultado de algunas acciones AJAX no autenticadas, lo que permite a usuarios no autenticados leer dichas publicaciones. The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not have proper authorization, resulting in password protected posts to be displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to read such posts The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.74 via the post_grid_paginate_ajax_free AJAX endpoint. This makes it possible for unauthenticated attackers to retrieve private and password protected posts that may contain sensitive information. • https://wpscan.com/vulnerability/e460e926-6e9b-4e9f-b908-ba5c9c7fb290 • CWE-284: Improper Access Control •