Vulnerabilities > Najeebmedia > Ppom FOR Woocommerce

DATE CVE VULNERABILITY TITLE RISK
2022-02-14 CVE-2021-25018 Missing Authorization vulnerability in Najeebmedia Ppom for Woocommerce
The PPOM for WooCommerce WordPress plugin before 24.0 does not have authorisation and CSRF checks in the ppom_settings_panel_action AJAX action, allowing any authenticated to call it and set arbitrary settings. 		3.5
3.5
2019-08-12 CVE-2019-14948 Cross-site Scripting vulnerability in Najeebmedia Ppom for Woocommerce
The woocommerce-product-addon plugin before 18.4 for WordPress has XSS via an import of a new meta data structure.
network
low complexity
najeebmedia CWE-79
5.4
5.4