VYPR

DN Shipping by Weight for WooCommerce

by WordPress

CVEs (2)

  • CVE-2025-32535HigApr 17, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digireturn DN Shipping by Weight for WooCommerce dn-shipping-by-weight allows Reflected XSS.This issue affects DN Shipping by Weight for WooCommerce: from n/a through <= 1.2.

  • CVE-2024-11842MedDec 27, 2024
    risk 0.28cvss 4.3epss 0.00

    The DN Shipping by Weight for WooCommerce WordPress plugin before 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack