VYPR

Customer Email Verification for WooCommerce

by WordPress

CVEs (3)

  • CVE-2024-4185HigApr 30, 2024
    risk 0.46cvss 8.1epss 0.01

    The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Email Verification and Authentication Bypass in all versions up to, and including, 2.7.4 via the use of insufficiently random activation code. This makes it possible for unauthenticated…

  • CVE-2024-13525MedFeb 15, 2025
    risk 0.42cvss 6.5epss 0.00

    The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.4 via Shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract…

  • CVE-2024-13528HigFeb 12, 2025
    risk 0.42cvss 7.5epss 0.00

    The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.9.5. This is due to the presence of a shortcode that will generate a confirmation link with a placeholder email. This makes it…