Zaytech

Smart Online Order For Clover

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.3

CVE-2026-42745

  • EPSS 0.23%
  • Veröffentlicht 27.05.2026 09:49:05
  • Zuletzt bearbeitet 27.05.2026 14:50:47

Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Authentication Bypass.This issue affects Smart Online Order for Clover: from n/a through <= 1.6.0.

7.3

CVE-2026-42746

  • EPSS 0.19%
  • Veröffentlicht 27.05.2026 09:49:05
  • Zuletzt bearbeitet 27.05.2026 14:50:47

Insertion of Sensitive Information Into Sent Data vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Retrieve Embedded Sensitive Data.This issue affects Smart Online Order for Clover: from n/a through <= 1.6.0.

7.1

CVE-2026-42738

  • EPSS 0.15%
  • Veröffentlicht 27.05.2026 09:49:04
  • Zuletzt bearbeitet 27.05.2026 14:50:47

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Stored XSS.This issue affects Smart Online Order for Clover: from n/a through <= 1...

4.3

CVE-2025-15635

  • EPSS 0.11%
  • Veröffentlicht 15.04.2026 15:49:53
  • Zuletzt bearbeitet 23.04.2026 15:22:54

Cross-Site Request Forgery (CSRF) vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Cross Site Request Forgery.This issue affects Smart Online Order for Clover: from n/a through <= 1.6.0.

9.8

CVE-2024-43253

  • EPSS 0.6%
  • Veröffentlicht 01.11.2024 15:15:43
  • Zuletzt bearbeitet 23.04.2026 15:18:52

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through <= 1.5.6.

8.8

CVE-2024-43254

  • EPSS 0.42%
  • Veröffentlicht 01.11.2024 15:15:43
  • Zuletzt bearbeitet 23.04.2026 15:18:52

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through <= 1.5.6.

6.1

CVE-2024-8787

  • EPSS 0.36%
  • Veröffentlicht 16.10.2024 02:15:06
  • Zuletzt bearbeitet 11.02.2025 20:14:03

The Smart Online Order for Clover plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.5.7. This makes ...

5.4

CVE-2024-9895

  • EPSS 0.33%
  • Veröffentlicht 15.10.2024 09:15:03
  • Zuletzt bearbeitet 17.10.2024 20:50:03

The Smart Online Order for Clover plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's moo_receipt_link shortcode in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping on ...

4.3

CVE-2024-7030

  • EPSS 0.35%
  • Veröffentlicht 21.08.2024 06:15:10
  • Zuletzt bearbeitet 08.04.2026 18:22:29

The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated att...

6.5

CVE-2024-7032

  • EPSS 0.48%
  • Veröffentlicht 21.08.2024 06:15:10
  • Zuletzt bearbeitet 08.04.2026 18:22:29

The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'moo_deactivateAndClean' function in all versions up to, and including, 1.5.6. This makes it possible for unaut...