
CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

The get_query() function of the Ni WooCommerce Custom Order Status WordPress plugin before 1.9.7, used by the niwoocos_ajax AJAX action, available to all authenticated users, does not properly sanitise the sort parameter before using it in a SQL statement, leading to an SQL injection exploitable by any authenticated user, such as a subscriber. • https://wpscan.com/vulnerability/a1e7cd2b-8400-4c5d-8b47-a8ccd1e21675 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 1

The Preview E-Mails for WooCommerce WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the search_order parameter found in the ~/views/form.php file, which allows attackers to inject arbitrary web scripts, in versions up to and including 1.6.8. • https://plugins.trac.wordpress.org/changeset/2625941/woo-preview-emails/trunk/views/form.php • https://www.wordfence.com/blog/2021/11/woocommerce-extension-reflected-xss-vulnerability • https://www.wordfence.com/vulnerability-advisories/#CVE-2021-42363 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 1

The WOOCS WordPress plugin before 1.3.7.1 does not sanitise and escape the key parameter of the woocs_update_profiles_data AJAX action (available to any authenticated user) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue. • https://wpscan.com/vulnerability/df8a6f2c-e075-45d5-9262-b4eb63c9351e • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

The YITH Easy Login & Register Popup for WooCommerce plugin for WordPress is vulnerable to authorization bypass via password reset in versions up to, and including, 1.8.0. This is due to the plugin failing to properly validate whether a user is authorized to perform a password reset for the supplied user_login via the yith_welrp_form_action AJAX action. This makes it possible for unauthenticated users to reset an administrator's password and then log in to the site using that account. • CWE-639: Authorization Bypass Through User-Controlled Key

CVSS: 8.8 • EPSS: 0% • CPEs: 23 • EXPL: 0

WooCommerce is an open source eCommerce plugin for WordPress. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce plugin between version 3.3.0 and 3.3.6. Malicious actors who already have admin access, or API keys, to the WooCommerce site can exploit vulnerable endpoints such as `/wp-json/wc/v3/webhooks`, `/wp-json/wc/v2/webhooks` and other webhook listing APIs. Read-only SQL queries can be executed through this flaw; although query results are not returned directly, by carefully crafting the `search` parameter, information can be disclosed using timing and related attacks. Version 3.3.6 is the earliest version of WooCommerce with a patch for this vulnerability. • https://github.com/woocommerce/woocommerce/security/advisories/GHSA-7vx5-x39w-q24g • https://woocommerce.com/posts/critical-vulnerability-detected-july-2021 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')