VYPR

Checkout Mestres Wp

by WordPress

Source repositories

CVEs (6)

  • CVE-2025-32695CriApr 9, 2025
    risk 0.64cvss 9.8epss 0.01

    Incorrect Privilege Assignment vulnerability in Mestres do WP Checkout Mestres WP checkout-mestres-wp allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through <= 8.7.5.

  • CVE-2025-2266CriMar 29, 2025
    risk 0.64cvss 9.8epss 0.01

    The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the cwmpUpdateOptions() function in versions 8.6.5 to 8.7.5. This makes it possible for…

  • CVE-2023-51472CriApr 24, 2024
    risk 0.64cvss 9.8epss 0.01

    Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through 7.1.9.7.

  • CVE-2023-51469CriDec 31, 2023
    risk 0.60cvss 9.3epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mestres do WP Checkout Mestres WP.This issue affects Checkout Mestres WP: from n/a through 7.1.9.6.

  • CVE-2023-51471HigApr 24, 2024
    risk 0.53cvss 8.2epss 0.01

    Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Checkout Mestres WP: from n/a through 7.1.9.7.

  • CVE-2024-44030HigOct 2, 2024
    risk 0.47cvss 7.2epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mestres do WP Checkout Mestres WP checkout-mestres-wp allows Absolute Path Traversal.This issue affects Checkout Mestres WP: from n/a through <= 8.6.