VYPR

Emagicone Store Manager For Woocommerce

by Emagicone

CVEs (4)

  • CVE-2025-5058CriMay 24, 2025
    risk 0.57cvss 9.8epss 0.01

    The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_image() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload…

  • CVE-2025-4603CriMay 24, 2025
    risk 0.52cvss 9.1epss 0.01

    The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_file() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to…

  • CVE-2025-4336HigMay 24, 2025
    risk 0.46cvss 8.1epss 0.01

    The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_file() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload…

  • CVE-2025-4602MedMay 24, 2025
    risk 0.31cvss 5.9epss 0.01

    The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the get_file() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the…