Search Results (45 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-46812 1 Villatheme 1 Woocommerce Thank You Page Customizer 2025-01-15 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions.
CVE-2022-46806 1 Villatheme 1 Cart All In One For Woocommerce 2025-01-13 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All In One For WooCommerce plugin <= 1.1.10 leading to cart modification.
CVE-2023-30482 1 Villatheme 1 Wpbulky 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in VillaTheme WPBulky plugin <= 1.0.10 versions.
CVE-2022-1037 1 Villatheme 1 Exmage 2024-11-21 7.2 High
The EXMAGE WordPress plugin before 1.0.7 does to ensure that images added via URLs are external images, which could lead to a blind SSRF issue by using local URLs
CVE-2021-25062 1 Villatheme 1 Orders Tracking For Woocommerce 2024-11-21 6.1 Medium
The Orders Tracking for WooCommerce WordPress plugin before 1.1.10 does not sanitise and escape the file_url before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting