VYPR

Product Delivery Date For Woocommerce Lite

by WordPress

Source repositories

CVEs (6)

  • CVE-2024-10882MedNov 13, 2024
    risk 0.40cvss 6.1epss 0.00

    The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.8.0. This makes it possible…

  • CVE-2023-0537MedMay 8, 2023
    risk 0.35cvss 5.4epss 0.01

    The Product Slider For WooCommerce Lite WordPress plugin through 1.1.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform…

  • CVE-2025-69027MedDec 30, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in tychesoftwares Product Delivery Date for WooCommerce – Lite product-delivery-date-for-woocommerce-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Delivery Date for WooCommerce –…

  • CVE-2023-52210MedDec 23, 2025
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in Tyche softwares Product Delivery Date for WooCommerce – Lite.This issue affects Product Delivery Date for WooCommerce – Lite: from n/a through 2.7.0.

  • CVE-2024-38702MedNov 1, 2024
    risk 0.34cvss 5.3epss 0.01

    Missing Authorization vulnerability in Tyche Softwares Product Delivery Date for WooCommerce – Lite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Product Delivery Date for WooCommerce – Lite: from n/a through 2.7.2.

  • CVE-2024-9345Oct 4, 2024
    risk 0.00cvss epss 0.00

    The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated…