CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2555 – Yotpo Reviews for WooCommerce <= 2.0.4 - Arbitrary Settings Update via CSRF
https://notcve.org/view.php?id=CVE-2022-2555
The Yotpo Reviews for WooCommerce WordPress plugin through 2.0.4 lacks nonce check when updating its settings, which could allow attacker to make a logged in admin change them via a CSRF attack. El plugin Yotpo Reviews for WooCommerce de WordPress versiones hasta 2.0.4, carece de comprobación de nonce cuando es actualizada su configuración, lo que podría permitir a un atacante hacer que un administrador conectado los cambie por medio de un ataque de tipo CSRF. The Yotpo Reviews for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.4. This is due to missing or incorrect nonce validation when modifying plugin settings. This makes it possible for unauthenticated attackers to trigger changes to the plugin's own settings via forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/7ec9e493-bc48-4a5d-8c7e-34beaba892ae • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30998 – WordPress Homepage Product Organizer for WooCommerce plugin <= 1.1 - Multiple Authenticated SQL Injection (SQLi) vulnerabilities
https://notcve.org/view.php?id=CVE-2022-30998
Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress. Múltiples vulnerabilidades de Inyección SQL (SQLi) Autenticadas (rol de suscriptor o usuario superior) en el plugin Homepage Product Organizer for WooCommerce de WooPlugins.co versiones anteriores a 1.1 incluyéndola, en WordPress The Homepage Product Organizer for WooCommerce plugin for WordPress is vulnerable to SQL Injection via an unknown parameter in versions up to, and including, 1.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber-level permissions and above to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://patchstack.com/database/vulnerability/homepage-product-organizer-for-woocommerce/wordpress-homepage-product-organizer-for-woocommerce-plugin-1-1-multiple-authenticated-sql-injection-sqli-vulnerabilities https://wordpress.org/plugins/homepage-product-organizer-for-woocommerce/#description • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1933 – CDI < 5.1.9 - Reflected Cross-Site-Scripting
https://notcve.org/view.php?id=CVE-2022-1933
The CDI WordPress plugin before 5.1.9 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting El plugin CDI de WordPress versiones anteriores a 5.1.9, no sanea y escapa de un parámetro antes de devolverlo en la respuesta de una acción AJAX (disponible tanto para usuarios no autenticados como autenticados), conllevando a un ataque de tipo Cross-Site Scripting Reflejado CDI – Collect and Deliver Interface for Woocommerce plugin for WordPress is vulnerable to Cross-Site Scripting via multiple parameters in version up to, and including, 5.1.9. This makes it possible for attackers to inject arbitrary web scripts that execute in a victim's browser. • https://wpscan.com/vulnerability/6cedb27f-6140-4cba-836f-63de98e521bf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2099 – WooCommerce < 6.6.0 - Admin+ Stored HTML Injection
https://notcve.org/view.php?id=CVE-2022-2099
The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles El plugin WooCommerce de WordPress versiones anteriores a 6.6.0 es vulnerable a la inyección de HTML almacenado debido a la falta de escape y sanitización en los títulos de la pasarela de pago The WooCommerce plugin for WordPress is vulnerable to Stored HTML Injection via payment gateway titles in versions up to 6.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with high-level capabilities, such as a Store Manager, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/0316e5f3-3302-40e3-8ff4-be3423a3be7b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-116: Improper Encoding or Escaping of Output •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1470 – Ultimate WooCommerce CSV Importer <= 2.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-1470
The Ultimate WooCommerce CSV Importer WordPress plugin through 2.0 does not sanitise and escape the imported data before outputting it back in the page, leading to a Reflected Cross-Site Scripting El plugin Ultimate WooCommerce CSV Importer de WordPress versiones hasta 2.0, no sanea y escapa de los datos importados antes de devolverlos a la página, lo que conlleva a un Cross-Site Scripting Reflejado • https://wpscan.com/vulnerability/13bb796f-7a17-47c9-a46f-a1d6ca4b6b91 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •