VYPR

Woocommerce Currency Switcher

by WordPress

Source repositories

CVEs (6)

  • CVE-2024-10640HigNov 9, 2024
    risk 0.48cvss 7.3epss 0.00

    The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.2. This is due to the software allowing users to execute an action that does not properly validate a…

  • CVE-2024-3734MedMay 2, 2024
    risk 0.42cvss 6.5epss 0.01

    The FOX – Currency Switcher Professional for WooCommerce plugin is vulnerable to Unauthenticated Arbitrary Shortcode Execution in versions up to, and including, 1.4.1.8. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability…

  • CVE-2026-39501MedApr 8, 2026
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FOX: from n/a through <= 1.4.5.

  • CVE-2024-9217MedMar 1, 2025
    risk 0.33cvss 6.1epss 0.00

    The Currency Switcher for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.16.2. This makes it possible for unauthenticated attackers…

  • CVE-2026-9241MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 1.4.6. This is due to the `get_value()` function in `classes/fixed/fixed_user_role.php` trusting…

  • CVE-2024-30458MedMar 29, 2024
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOOCS – WooCommerce Currency Switcher.This issue affects WOOCS – WooCommerce Currency Switcher: from n/a through 1.4.1.7.