Filtered by vendor Zaytech
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-46312 | 1 Zaytech | 1 Smart Online Order For Clover | 2024-09-06 | 7.1 High |
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Zaytech Smart Online Order for Clover plugin <= 1.5.4 versions. | ||||
CVE-2024-7032 | 1 Zaytech | 1 Smart Online Order For Clover | 2024-08-31 | 6.5 Medium |
The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'moo_deactivateAndClean' function in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to deactivate the plugin and drop all plugin tables from the database. | ||||
CVE-2024-7030 | 1 Zaytech | 1 Smart Online Order For Clover | 2024-08-31 | 4.3 Medium |
The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update product and category descriptions, category titles and images, and sort order. |
Page 1 of 1.