Filtered by vendor Thisfunctional Subscriptions
Filtered by product Ctt Expresso Para Woocommerce Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-6687 1 Thisfunctional 1 Ctt Expresso Para Woocommerce 2024-11-23 5.3 Medium
The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information exposure in all versions up to and including 3.2.12 via the /wp-content/uploads/cepw directory. The generated .pdf and log files are publicly accessible and contain sensitive information such as sender and receiver names, phone numbers, physical addresses, and email addresses
CVE-2022-47589 1 Thisfunctional 1 Ctt Expresso Para Woocommerce 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in this.Functional CTT Expresso para WooCommerce pluginĀ <= 3.2.11 versions.