VYPR

Multiple Shipping Address Woocommerce

by WordPress

CVEs (4)

  • CVE-2023-32799MedDec 21, 2023
    risk 0.42cvss 6.5epss 0.01

    Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a through 3.8.3.

  • CVE-2022-0783May 2, 2022
    risk 0.04cvss epss 0.07

    The Multiple Shipping Address Woocommerce WordPress plugin before 2.0 does not properly sanitise and escape numerous parameters before using them in SQL statements via some AJAX actions available to unauthenticated users, leading to unauthenticated SQL injections

  • CVE-2023-0865Mar 20, 2023
    risk 0.01cvss epss 0.01

    The WooCommerce Multiple Customer Addresses & Shipping WordPress plugin before 21.7 does not ensure that the address to add/update/retrieve/delete and duplicate belong to the user making the request, or is from a high privilege users, allowing any authenticated users, such as…

  • CVE-2023-37873Aug 5, 2023
    risk 0.00cvss epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versions.