CVSS: 6.5EPSS: %CPEs: 1EXPL: 0CVE-2023-23868 – Cost of Goods for WooCommerce <= 2.8.6 - Missing Authorization in save_costs
https://notcve.org/view.php?id=CVE-2023-23868
The Cost of Goods for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_costs function in versions up to, and including, 2.8.6. This makes it possible for authenticated attackers, with contributor-level permissions and above, to perform an unauthorized edit or save of prices. • CWE-862: Missing Authorization •
CVSS: 5.4EPSS: %CPEs: 1EXPL: 0CVE-2022-45813 – BeRocket Plugins <= (Various Versions) - Missing Authorization
https://notcve.org/view.php?id=CVE-2022-45813
Several BeRocket Plugins for WordPress are vulnerable to authorization bypass due to missing capability checks on functions corresponding to AJAX actions that are available to subscribers. This includes the close_notice, subscribe, disable_rate_notice, feature_request_send, get_plugin_error_ajax, close_notice, and test_key functions This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke those functions intended for administrator use. One of the functions is used to subscribe to the BeRocket newsletter and can be used by subscribers to subscribe arbitrary email addresses. These functions are still missing Cross-Site Request Forgery Protection. • CWE-862: Missing Authorization •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4329 – Product list Widget for Woocommerce <= 1.0 - Reflected XSS
https://notcve.org/view.php?id=CVE-2022-4329
The Product list Widget for Woocommerce WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both unauthenticated and authenticated users (such as high privilege one like admin). El complemento Product list Widget for Woocommerce de WordPress hasta la versión 1.0 no sanitiza ni escapa un parámetro antes de devolverlo a la página, lo que genera un cross-site scripting reflejado que podría usarse contra usuarios autenticados y no autenticados (como uno con privilegios altos como administración). The Product list Widget for Woocommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on the 'formid' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Please note the vulnerable and patched versions are the same as the developer did not update the version number in the patched version. • https://wpscan.com/vulnerability/d7f2c1c1-75b7-4aec-8574-f38d506d064a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44630 – YITH plugins by YITHEMES <= (Various Versions) - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2022-44630
Several YITHEMES plugins for WordPress are vulnerable to Cross-Site Request Forgery. This is due to missing or incorrect nonce validation on the create_log_file function. This makes it possible for unauthenticated attackers to create an error or debug log file using the plugin, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. The function allows the user to specify the file name. Please note that the unpatched plugins from this developer are the FREE versions of the plugin that were available on the WordPress.org repository. • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41656 – Account Manager for WooCommerce <= 2.1.1 - Missing Authorization
https://notcve.org/view.php?id=CVE-2022-41656
The Account Manager for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in versions up to, and including, 2.1.1. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to export sensitive information such as user id, first name, and last name of registered users. • CWE-862: Missing Authorization •