Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2024-37211
- EPSS 0.12%
- Published 22.07.2024 10:15:06
- Last modified 21.11.2024 09:23:24
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ali2Woo Team Ali2Woo Lite allows Reflected XSS.This issue affects Ali2Woo Lite: from n/a through 3.3.5.
6.3
CVE-2024-4450
- EPSS 0.08%
- Published 19.06.2024 04:15:11
- Last modified 21.11.2024 09:42:51
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the ImportAjaxController.php file in all versions up to, and including, 3.3.5. This make...
8.8
CVE-2024-2381
- EPSS 9.86%
- Published 19.06.2024 04:15:10
- Last modified 21.11.2024 09:09:37
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_save_image function in all versions up to, and including, 3.3.5. This makes it possible for aut...
1