Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 62 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-22288 WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.4.0 - Reflected Cross Site Scripting (XSS) vulnerability WebToffeeWooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels High 7.1 2024-03-27 05:49:44 Deep Dive
CVE-2024-0957 WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.4.1 - Unauthenticated Stored Cross-Site Scripting webtoffeeWebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping Labels Medium 6.1 2024-03-22 02:00:00 Deep Dive
CVE-2023-7068 WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.3.0 - Missing Authorization to Order Export webtoffeeWebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping Labels Medium 4.3 2024-01-03 08:29:48 Deep Dive
CVE-2023-32799 WordPress WooCommerce Ship to Multiple Addresses Plugin <= 3.8.3 is vulnerable to Insecure Direct Object References (IDOR) WooCommerceShipping Multiple Addresses Medium 6.5 2023-12-21 18:22:30 Deep Dive
CVE-2023-47789 WordPress WooCommerce Canada Post Shipping Plugin <= 2.8.3 is vulnerable to Cross Site Request Forgery (CSRF) WooCommerceCanada Post Shipping Method Medium 4.3 2023-12-18 15:43:24 Deep Dive
CVE-2023-32575 WordPress Product page shipping calculator for WooCommerce Plugin <= 1.3.25 is vulnerable to Cross Site Scripting (XSS) PI WebsolutionProduct page shipping calculator for WooCommerce Medium 5.9 2023-08-25 10:28:39 Deep Dive
CVE-2023-3366 MultiParcels Shipping For WooCommerce < 1.15.2 - Arbitrary Shipment Deletion via CSRF UnknownMultiParcels Shipping For WooCommerce 中危 -2023-08-21 12:29:50 Deep Dive
CVE-2023-3954 MultiParcels Shipping For WooCommerce 1.15.2-1.15.3 - Reflected XSS UnknownMultiParcels Shipping For WooCommerce 中危 -2023-08-21 12:29:49 Deep Dive
CVE-2023-2843 MultiParcels Shipping For WooCommerce < 1.14.15 - Subscribers+ SQLi UnknownMultiParcels Shipping For WooCommerce 高危 -2023-08-07 14:31:26 Deep Dive
CVE-2023-3671 MultiParcels Shipping For WooCommerce < 1.15.4 - Reflected XSS UnknownMultiParcels Shipping For WooCommerce 中危 -2023-08-07 14:31:22 Deep Dive
CVE-2023-3365 MultiParcels Shipping For WooCommerce < 1.14.14 - Subscriber+ Arbitrary Shipment Deletion UnknownMultiParcels Shipping For WooCommerce 高危 -2023-08-07 14:31:21 Deep Dive
CVE-2023-37873 WordPress WooCommerce Ship to Multiple Addresses Plugin <= 3.8.5 is vulnerable to Cross Site Scripting (XSS) WooCommerceShipping Multiple Addresses High 7.1 2023-08-05 22:18:46 Deep Dive
CVE-2023-36514 WordPress WooCommerce Ship to Multiple Addresses Plugin <= 3.8.5 is vulnerable to Cross Site Request Forgery (CSRF) WooCommerceShipping Multiple Addresses Medium 6.5 2023-07-17 14:30:41 Deep Dive
CVE-2023-34015 WordPress Advanced Flat rate shipping Woocommerce Plugin <= 1.6.4.4 is vulnerable to Cross Site Request Forgery (CSRF) PI WebsolutionConditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping Medium 5.4 2023-07-11 08:36:04 Deep Dive
CVE-2022-46794 WordPress WooCommerce Weight Based Shipping Plugin <= 5.4.1 is vulnerable to Cross Site Request Forgery (CSRF) weightbasedshipping.comWooCommerce Weight Based Shipping Medium 4.3 2023-05-24 16:00:07 Deep Dive
CVE-2023-29094 WordPress Product page shipping calculator for WooCommerce Plugin <= 1.3.20 is vulnerable to Cross Site Scripting (XSS) PI WebsolutionProduct page shipping calculator for WooCommerce Medium 5.9 2023-04-07 12:59:30 Deep Dive
CVE-2023-0865 WooCommerce Multiple Customer Addresses & Shipping < 21.7 - Arbitrary Address Creation/Deletion/Access/Update via IDOR UnknownWooCommerce Multiple Customer Addresses & Shipping 高危 -2023-03-20 15:52:15 Deep Dive
CVE-2022-46805 WordPress Conditional Payments for WooCommerce Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF) Lauri Karisola / WP TrioConditional Shipping for WooCommerce Medium 5.4 2023-03-01 14:08:54 Deep Dive
CVE-2022-46815 WordPress Conditional Shipping for WooCommerce Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF) Lauri Karisola / WP TrioConditional Shipping for WooCommerce Medium 5.4 2023-02-02 16:21:27 Deep Dive
CVE-2022-4107 SMSA Shipping for WooCommerce < 1.0.5 - Subscriber+ Arbitrary File Download UnknownSMSA Shipping for WooCommerce 中危 -2022-12-19 13:41:49 Deep Dive