VYPR

Product Vendors

by Woo

CVEs (5)

  • CVE-2023-33331HigDec 18, 2023
    risk 0.55cvss 8.5epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.76.

  • CVE-2023-35879HigOct 31, 2023
    risk 0.49cvss 7.6epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.78.

  • CVE-2017-20193Oct 16, 2024
    risk 0.00cvss epss 0.00

    The Product Vendors is vulnerable to Reflected Cross-Site Scripting via the 'vendor_description' parameter in versions up to, and including, 2.0.35 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject…

  • CVE-2023-52186Jun 11, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.2.

  • CVE-2023-51494Jun 9, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.1.