e-commerce

WooCommerce Vulnerability – Authenticated (Shop Manager+) Content Injection – CVE-2024-35777 | WordPress Plugin Vulnerability Report

By Your WP Guy / Jun 27, 2024

Plugin Name: WooCommerce Key Information: Software Type: Plugin Software Status: Active Software Author: woocommerce Software Downloads: 322,936,863 Active Installs: 7,000,000 Last Updated: July 11, 2024 Patched Versions: 9.0.0 Affected Versions: <= 8.9.2 Vulnerability Details: Name: WooCommerce <= 8.9.2 Title: Authenticated (Shop Manager+) Content Injection Type: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N CVE: CVE-2024-35777 CVSS Score: 2.7 Publicly Published: June 27,…

Read More

Booster for WooCommerce Vulnerability – Unauthenticated Arbitrary Shortcode Execution – CVE-2024-3957 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 1, 2024

Plugin Name: Booster for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-jetpack Software Status: Active Software Author: pluggabl Software Downloads: 3,639,153 Active Installs: 50,000 Last Updated: May 1, 2024 Patched Versions: 7.1.9 Affected Versions: <= 7.1.8 Vulnerability Details: Name: Booster for WooCommerce <= 7.1.8 – Unauthenticated Arbitrary Shortcode Execution Type: Improper Control of Generation…

Read More