Posts Tagged ‘e-commerce security’
Mollie Payments for WooCommerce Vulnerability – Unauthenticated Full Path Disclosure – CVE-2024-6448 | WordPress Plugin Vulnerability Report
Plugin Name: Mollie Payments for WooCommerce Key Information: Software Type: Plugin Software Slug: mollie-payments-for-woocommerce Software Status: Active Software Author: mollieintegration Software Downloads: 3,421,407 Active Installs: 100,000 Last Updated: August 27, 2024 Patched Versions: 7.8.0 Affected Versions: <= 7.7.0 Vulnerability Details: Name: Mollie Payments for WooCommerce <= 7.7.0 Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2024-6448 CVSS Score: 5.3 Publicly…
Read MoreShopLentor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via woolentorsearch Shortcode – CVE-2024-3345 | WordPress Plugin Vulnerability Report
Plugin Name: ShopLentor Key Information: Software Type: Plugin Software Slug: woolentor-addons Software Status: Active Software Author: devitemsllc Software Downloads: 3,557,867 Active Installs: 100,000 Last Updated: May 20, 2024 Patched Versions: 2.8.9 Affected Versions: <= 2.8.8 Vulnerability Details: Name: ShopLentor <= 2.8.8 – Authenticated (Contributor+) Stored Cross-Site Scripting via woolentorsearch Shortcode Type: Improper Neutralization of Input…
Read MoreEasy Digital Downloads Vulnerability – Cross-Site Request Forgery – CVE-2024-31113 | WordPress Plugin Vulnerability Report
Plugin Name: Easy Digital Downloads Key Information: Software Type: Plugin Software Slug: easy-digital-downloads Software Status: Active Software Author: smub Software Downloads: 4,985,103 Active Installs: 50,000 Last Updated: May 9, 2024 Patched Versions: 3.2.12 Affected Versions: <= 3.2.11 Vulnerability Details: Name: Easy Digital Downloads <= 3.2.11 – Cross-Site Request Forgery Type: Cross-Site Request Forgery (CSRF) CVE:…
Read MoreContact Form by WPForms Vulnerability – Unauthenticated Price Manipulation – CVE-2024-3649 | WordPress Plugin Vulnerability Report
Plugin Name: Contact Form by WPForms Key Information: Software Type: Plugin Software Slug: wpforms-lite Software Status: Active Software Author: smub Software Downloads: 201,516,943 Active Installs: 5,000,000 Last Updated: May 1, 2024 Patched Versions: 1.8.8.2 Affected Versions: <= 1.8.7.2 Vulnerability Details: Name: Contact Form by WPForms – Drag & Drop Form Builder for WordPress <= 1.8.7.2…
Read MorePrint Invoice & Delivery Notes for WooCommerce Vulnerability – Missing Authorization to Notice Dismissal – CVE-2024-4233 | WordPress Plugin Vulnerability Report
Plugin Name: Print Invoice & Delivery Notes for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-delivery-notes Software Status: Active Software Author: tychesoftwares Software Downloads: 999,558 Active Installs: 40,000 Last Updated: May 10, 2024 Patched Versions: 4.9.0 Affected Versions: <= 4.8.1 Vulnerability Details: Name: Multiple Plugins by tychesoftwares <= 4.8.1 Title: Missing Authorization to Notice…
Read MoreCustomer Reviews for WooCommerce Vulnerability – Reflected Cross-Site Scripting via ‘s’ – CVE-2024-3731 | WordPress Plugin Vulnerability Report
Plugin Name: Customer Reviews for WooCommerce Key Information: Software Type: Plugin Software Slug: customer-reviews-woocommerce Software Status: Active Software Author: ivole Software Downloads: 4,233,598 Active Installs: 60,000 Last Updated: May 2, 2024 Patched Versions: 5.48.0 Affected Versions: <= 5.47.0 Vulnerability Details: Name: Customer Reviews for WooCommerce <= 5.47.0 Title: Reflected Cross-Site Scripting via ‘s’ Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N…
Read MoreHUSKY Vulnerability – Products Filter Professional for WooCommerce – Authenticated (Subscriber+) Remote Code Execution – CVE-2024-32680 | WordPress Plugin Vulnerability Report
Plugin Name: HUSKY – Products Filter Professional for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-products-filter Software Status: Active Software Author: realmag777 Software Downloads: 1,705,152 Active Installs: 100,000 Last Updated: April 29, 2024 Patched Versions: 1.3.5.3 Affected Versions: <= 1.3.5.2 Vulnerability Details: Name: HUSKY – Products Filter for WooCommerce (formerly WOOF) <= 1.3.5.2 Title:…
Read MoreWooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Vulnerability – Missing Authorization to Unauthenticated Settings Reset – CVE-2024-3216 | WordPress Plugin Vulnerability Report
Plugin Name: WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Key Information: Software Type: Plugin Software Slug: print-invoices-packing-slip-labels-for-woocommerce Software Status: Active Software Author: webtoffee Software Downloads: 1,383,697 Active Installs: 50,000 Last Updated: April 8, 2024 Patched Versions: 4.4.3 Affected Versions: <= 4.4.2 Vulnerability Details: Name: WooCommerce PDF Invoices, Packing Slips, Delivery Notes and…
Read MoreShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) – Authenticated Stored Cross-site Scripting via QR Code Widget – CVE-2024-2946 | WordPress Plugin Vulnerability Report
Plugin Name: ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) Key Information: Software Type: Plugin Software Slug: woolentor-addons Software Status: Active Software Author: devitemsllc Software Downloads: 3,355,176 Active Installs: 100,000 Last Updated: April 4, 2024 Patched Versions: 2.8.5 Affected Versions: <= 2.8.4 Vulnerability Details: Name: ShopLentor…
Read MoreWooCommerce PDF Invoices, Packing Slips, Delivery Notes, and Shipping Labels – Unauthenticated Stored Cross-Site Scripting – CVE-2024-0957| WordPress Plugin Vulnerability Report
Plugin Name: WooCommerce PDF Invoices, Packing Slips, Delivery Notes, and Shipping Labels Key Information: Software Type: Plugin Software Slug: print-invoices-packing-slip-labels-for-woocommerce Software Status: Active Software Author: webtoffee Software Downloads: 1,355,245 Active Installs: 50,000 Last Updated: March 21, 2024 Patched Versions: 4.4.2 Affected Versions: <= 4.4.1 Vulnerability Details: Name: WooCommerce PDF Invoices, Packing Slips, Delivery Notes and…
Read More