VYPR

Wpc Shop As A Customer For Woocommerce

by Wpclever

CVEs (2)

  • CVE-2024-50416HigOct 28, 2024
    risk 0.57cvss 8.8epss 0.00

    Deserialization of Untrusted Data vulnerability in WPClever WPC Shop as a Customer for WooCommerce wpc-shop-as-customer allows Object Injection.This issue affects WPC Shop as a Customer for WooCommerce: from n/a through <= 1.2.6.

  • CVE-2024-12432HigDec 18, 2024
    risk 0.53cvss 8.1epss 0.01

    The WPC Shop as a Customer for WooCommerce plugin for WordPress is vulnerable to account takeover and privilege escalation in all versions up to, and including, 1.2.8. This is due to the 'generate_key' function not producing a sufficiently random value. This makes it possible…