CVE-2024-8499
- EPSS 2%
- Veröffentlicht 04.10.2024 13:15:12
- Zuletzt bearbeitet 17.02.2026 19:59:20
The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘render_review_request_notice’ function in all versions up to, and including, 2.0.3 due to insufficient input sa...
CVE-2024-35658
- EPSS 0.33%
- Veröffentlicht 10.06.2024 16:15:15
- Zuletzt bearbeitet 21.11.2024 09:20:35
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeHigh Checkout Field Editor for WooCommerce (Pro) allows Functionality Misuse, File Manipulation.This issue affects Checkout Field Editor for WooComme...
CVE-2022-3490
- EPSS 0.86%
- Veröffentlicht 28.11.2022 14:15:12
- Zuletzt bearbeitet 25.04.2025 16:15:22
The Checkout Field Editor (Checkout Manager) for WooCommerce WordPress plugin before 1.8.0 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget ...