CVE-2021-39331 – YITH Easy Login & Register Popup for WooCommerce <= 1.8.0 - Authentication Bypass via Password Reset
https://notcve.org/view.php?id=CVE-2021-39331
20 Sep 2021 — The YITH Easy Login & Register Popup for WooCommerce plugin for WordPress is vulnerable to authorization bypass via password reset in versions up to, and including, 1.8.0. This is due to the plugin failing to properly validate whether a user is authorized to perform a password reset for the supplied user_login via the yith_welrp_form_action AJAX action. This makes it possible for unauthenticated users to reset an administrator's password and then log in to the site using that account. • CWE-639: Authorization Bypass Through User-Controlled Key
CVE-2021-32790 – Blind SQL Injection possible via Authenticated Web-hook Search API Endpoint
https://notcve.org/view.php?id=CVE-2021-32790
13 Jul 2021 — WooCommerce is an open source eCommerce plugin for WordPress. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce plugin between versions 3.3.0 and 3.3.6. Malicious actors who already have admin access or API keys to the WooCommerce site can exploit the vulnerable endpoints `/wp-json/wc/v3/webhooks`, `/wp-json/wc/v2/webhooks` and other webhook listing APIs. Read-only SQL queries can be executed using this exploit, while data will not be returned, by carefully crafting `search`... • https://github.com/woocommerce/woocommerce/security/advisories/GHSA-7vx5-x39w-q24g • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-24323 – Woocommerce < 5.2.0 - Authenticated Stored Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-24323
21 Apr 2021 — When taxes are enabled, the "Additional tax classes" field was not properly sanitised or escaped before being output back in the admin dashboard, allowing high-privilege users such as admins to use XSS payloads even when unfiltered_html is disabled. • https://wpscan.com/vulnerability/6d262555-7ae4-4e36-add6-4baa34dc3010 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-24212 – WooCommerce Help Scout < 2.9.1 - Unauthenticated Arbitrary File Upload leading to RCE
https://notcve.org/view.php?id=CVE-2021-24212
21 Mar 2021 — The WooCommerce Help Scout WordPress plugin before 2.9.1 (https://woocommerce.com/products/woocommerce-help-scout/) allows unauthenticated users to upload any file to the site; by default the uploaded files end up in wp-content/uploads/hstmp. • http://dzv365zjfbd8v.cloudfront.net/changelogs/woocommerce-help-scout/changelog.txt • CWE-434: Unrestricted Upload of File with Dangerous Type
CVE-2021-24171 – WooCommerce Upload Files < 59.4 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2021-24171
04 Mar 2021 — The WooCommerce Upload Files WordPress plugin before 59.4 ran a single sanitization pass to remove blocked extensions such as .php. It was possible to bypass this and upload a file with a PHP extension by embedding a "blocked" extension within another "blocked" extension in the "wcuf_file_name" parameter. It was also possible to perform a double-extension attack and upload files to a different location via path traversal using the "wcuf_current_upload_session_id" parameter. • https://wpscan.com/vulnerability/ed4288a1-f7e4-455f-b765-5ac343f87194 • CWE-434: Unrestricted Upload of File with Dangerous Type
CVE-2020-35627
https://notcve.org/view.php?id=CVE-2020-35627
28 Dec 2020 — Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can lead to remote execution of arbitrary code. Within the "Custom Gift Card Template" feature, the custom-image upload function accepts a file whose image extension has been renamed to PHP, allowing PHP code to be executed on the server. • https://gist.github.com/bc0d3/cbc458f0fcbe0f897e529c7f3d77c9d6 • CWE-434: Unrestricted Upload of File with Dangerous Type
CVE-2020-11497 – NAB Transact < 2.1.2 - Payment System Bypass
https://notcve.org/view.php?id=CVE-2020-11497
20 Aug 2020 — An issue was discovered in the NAB Transact extension 2.1.0 for the WooCommerce plugin for WordPress. An online payment system bypass allows orders to be marked as fully paid by assigning an arbitrary bank transaction ID during the payment-details entry step. • http://packetstormsecurity.com/files/158931/WordPress-NAB-Transact-WooCommerce-2.1.0-Payment-Bypass.html • CWE-354: Improper Validation of Integrity Check Value • CWE-693: Protection Mechanism Failure
CVE-2019-20891
https://notcve.org/view.php?id=CVE-2019-20891
19 Jun 2020 — WooCommerce before 3.6.5, when it handles CSV imports of products, has a cross-site request forgery (CSRF) issue with resultant stored cross-site scripting (XSS) via includes/admin/importers/class-wc-product-csv-importer-controller.php. • https://blog.ripstech.com/2019/woocommerce-csrf-to-stored-xss • CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2020-36841 – WooCommerce Smart Coupons <= 4.6.0 - Unauthenticated Coupon Creation
https://notcve.org/view.php?id=CVE-2020-36841
04 Mar 2020 — The WooCommerce Smart Coupons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the woocommerce_coupon_admin_init function in versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to send themselves gift certificates of any value, which could be redeemed for products sold on the victim's storefront. • https://www.wordfence.com/blog/2020/03/coupon-creation-vulnerability-patched-in-woocommerce-smart-coupons • CWE-285: Improper Authorization
CVE-2020-29156 – WooCommerce < 4.7.0 - Insecure Direct Object Reference via order_id Parameter
https://notcve.org/view.php?id=CVE-2020-29156
21 Jan 2020 — The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action. • https://github.com/Ko-kn3t/CVE-2020-29156 • CWE-639: Authorization Bypass Through User-Controlled Key