NotCVE - vendor:"Woo"

Page 4 of 73 results (0.016 seconds)

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-32584 – WordPress TeraWallet plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

https://notcve.org/view.php?id=CVE-2024-32584

18 Apr 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StandaloneTech TeraWallet – For WooCommerce allows Stored XSS.This issue affects TeraWallet – For WooCommerce: from n/a through 1.5.0. Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('Cross-site Scripting') en StandaloneTech TeraWallet – Para WooCommerce permite Stored XSS. Este problema afecta a TeraWallet – Para WooCommerce: desde n/a hasta 1.5.0. The TeraWa... • https://patchstack.com/database/vulnerability/woo-wallet/wordpress-terawallet-plugin-1-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-32687 – WordPress WPC Frequently Bought Together for WooCommerce plugin <= 7.0.3 - Broken Access Control vulnerability

https://notcve.org/view.php?id=CVE-2024-32687

17 Apr 2024 — Missing Authorization vulnerability in WPClever WPC Frequently Bought Together for WooCommerce.This issue affects WPC Frequently Bought Together for WooCommerce: from n/a through 7.0.3. Vulnerabilidad de autorización faltante en WPClever WPC Frequently Bought Together for WooCommerce. Este problema afecta a WPC frecuentemente comprado juntos para WooCommerce: desde n/a hasta 7.0.3. The WPC Frequently Bought Together for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing c... • https://patchstack.com/database/vulnerability/woo-bought-together/wordpress-wpc-frequently-bought-together-for-woocommerce-plugin-7-0-3-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-32513 – WordPress Product Feed PRO for WooCommerce plugin <= 13.3.1 - Sensitive Data Exposure vulnerability

https://notcve.org/view.php?id=CVE-2024-32513

15 Apr 2024 — Insertion of Sensitive Information into Log File vulnerability in AdTribes.Io Product Feed PRO for WooCommerce.This issue affects Product Feed PRO for WooCommerce: from n/a through 13.3.1. Vulnerabilidad de inserción de información confidencial en el archivo de registro en AdTribes.Io Product Feed PRO para WooCommerce. Este problema afecta a Product Feed PRO para WooCommerce: desde n/a hasta 13.3.1. The Product Feed PRO for WooCommerce by AdTribes – WooCommerce Product Feeds for Google, Facebook/Meta, Bing,... • https://patchstack.com/database/vulnerability/woo-product-feed-pro/wordpress-product-feed-pro-for-woocommerce-plugin-13-3-1-sensitive-data-exposure-vulnerability?_s_id=cve • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-32517 – WordPress Custom Thank You Page Customize For WooCommerce by Binary Carpenter plugin <= 1.4.12 - Broken Access Control vulnerability

https://notcve.org/view.php?id=CVE-2024-32517

15 Apr 2024 — Missing Authorization vulnerability in WooCommerce & WordPress Tutorials Custom Thank You Page Customize For WooCommerce by Binary Carpenter.This issue affects Custom Thank You Page Customize For WooCommerce by Binary Carpenter: from n/a through 1.4.12. Vulnerabilidad de autorización faltante en WooCommerce & WordPress Tutorials Custom Thank You Page Customize For WooCommerce by Binary Carpenter. Este problema afecta la página de agradecimiento personalizada personalizada para WooCommerce por Binary Car... • https://patchstack.com/database/vulnerability/bc-woo-custom-thank-you-pages/wordpress-custom-thank-you-page-customize-for-woocommerce-by-binary-carpenter-plugin-1-4-12-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-32519 – WordPress GG Woo Feed for WooCommerce plugin <= 1.2.6 - Broken Access Control vulnerability

https://notcve.org/view.php?id=CVE-2024-32519

15 Apr 2024 — Missing Authorization vulnerability in GutenGeek GG Woo Feed for WooCommerce.This issue affects GG Woo Feed for WooCommerce: from n/a through 1.2.6. Vulnerabilidad de autorización faltante en GutenGeek GG Woo Feed para WooCommerce. Este problema afecta a GG Woo Feed para WooCommerce: desde n/a hasta 1.2.6. The GG Woo Feed for WooCommerce Shopping Feed on Google Facebook and Other Channels plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on several func... • https://patchstack.com/database/vulnerability/gg-woo-feed/wordpress-gg-woo-feed-for-woocommerce-plugin-1-2-6-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2024-32104 – WordPress NextMove Lite plugin <= 2.18.1 - Cross Site Request Forgery (CSRF) vulnerability

https://notcve.org/view.php?id=CVE-2024-32104

11 Apr 2024 — Cross-Site Request Forgery (CSRF) vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en XLPlugins NextMove Lite. Este problema afecta a NextMove Lite: desde n/a hasta 2.18.1. The NextMove Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.1. This is due to missing or incorrect nonce validation on the xl_addon_installation() function. • https://github.com/Cerberus-HiproPlus/CVE-2024-32104 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-31430 – Cross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR and WOLF WordPress plugins

https://notcve.org/view.php?id=CVE-2024-31430

10 Apr 2024 — Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional, realmag777 BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.1; BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net: from n/a through 1.1.4.1. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en realmag777 WOLF – Wo... • https://patchstack.com/database/vulnerability/bulk-editor/wordpress-wolf-wordpress-posts-bulk-editor-and-manager-professional-plugin-1-0-8-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-31262 – WordPress WooCommerce Checkout Field Editor (Checkout Manager) plugin <= 2.1.8 - Cross Site Request Forgery (CSRF) vulnerability

https://notcve.org/view.php?id=CVE-2024-31262

05 Apr 2024 — Cross-Site Request Forgery (CSRF) vulnerability in Jcodex WooCommerce Checkout Field Editor (Checkout Manager).This issue affects WooCommerce Checkout Field Editor (Checkout Manager): from n/a through 2.1.8. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Jcodex WooCommerce Checkout Field Editor (Checkout Manager). Este problema afecta al WooCommerce Checkout Field Editor (Checkout Manager): desde n/a hasta 2.1.8. The WooCommerce Checkout Field Editor (Checkout Manager) plugin for WordPress is vulner... • https://patchstack.com/database/vulnerability/woo-checkout-regsiter-field-editor/wordpress-woocommerce-checkout-field-editor-checkout-manager-plugin-2-1-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-31266 – WordPress Advanced Order Export For WooCommerce plugin <= 3.4.4 - Remote Code Execution (RCE) vulnerability

https://notcve.org/view.php?id=CVE-2024-31266

05 Apr 2024 — Improper Control of Generation of Code ('Code Injection') vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through 3.4.4. La vulnerabilidad de control inadecuado de la generación de código ("inyección de código") en AlgolPlus Advanced Order Export For WooCommerce permite la inyección de código. Este problema afecta la exportación avanzada de pedidos para WooCommerce: desde n/a hasta 3.4.4. The Advanced O... • https://patchstack.com/database/vulnerability/woo-order-export-lite/wordpress-advanced-order-export-for-woocommerce-plugin-3-4-4-remote-code-execution-vulnerability?_s_id=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-31117 – WordPress WooCommerce Bookings Calendar plugin <= 1.0.36 - Cross Site Scripting (XSS) vulnerability

https://notcve.org/view.php?id=CVE-2024-31117

29 Mar 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moises Heberle WooCommerce Bookings Calendar.This issue affects WooCommerce Bookings Calendar: from n/a through 1.0.36. Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('Cross-site Scripting') en WooCommerce Bookings Calendar de Moises Heberle para WordPress. Este problema afecta al calendario de reservas de WooCommerce: desde n/a hasta 1.0.36. The WooCommerce ... • https://patchstack.com/database/vulnerability/woo-bookings-calendar/wordpress-woocommerce-bookings-calendar-plugin-1-0-36-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2 3 4 5