Woo

Product Vendors

4 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2017-20193

Media report
  • EPSS 1.06%
  • Published 16.10.2024 08:15:03
  • Last modified 30.10.2024 20:46:34

The Product Vendors is vulnerable to Reflected Cross-Site Scripting via the 'vendor_description' parameter in versions up to, and including, 2.0.35 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

5.3

CVE-2023-52186

  • EPSS 0.21%
  • Published 11.06.2024 10:15:11
  • Last modified 21.11.2024 08:39:21

Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.2.

7.2

CVE-2023-33331

  • EPSS 0.14%
  • Published 18.12.2023 23:15:07
  • Last modified 21.11.2024 08:05:26

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.76.

9.8

CVE-2023-35879

  • EPSS 0.44%
  • Published 31.10.2023 15:15:08
  • Last modified 21.11.2024 08:08:53

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.78.