Vulnerabilities > Pluginus > Husky Products Filter Professional FOR Woocommerce
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-11 | CVE-2025-1661 | Path Traversal vulnerability in Pluginus Husky - products Filter Professional for Woocommerce The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.6.5 via the 'template' parameter of the woof_text_search AJAX action. | 9.8 |
| 2024-12-13 | CVE-2023-40334 | Missing Authorization vulnerability in Pluginus Husky - products Filter Professional for Woocommerce Missing Authorization vulnerability in realmag777 HUSKY allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HUSKY: from n/a through 1.3.4.2. | 8.8 |
| 2024-09-25 | CVE-2024-7491 | Unspecified vulnerability in Pluginus Husky - products Filter Professional for Woocommerce The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.6.1 via the woof_messenger_remove_subscr AJAX action due to missing validation on the 'key' user controlled key. | 4.3 |
| 2024-08-13 | CVE-2024-43121 | Unspecified vulnerability in Pluginus Husky - products Filter Professional for Woocommerce Improper Privilege Management vulnerability in realmag777 HUSKY allows Privilege Escalation.This issue affects HUSKY: from n/a through 1.3.6.1. | 7.2 |
| 2024-07-16 | CVE-2024-6457 | SQL Injection vulnerability in Pluginus Husky - products Filter Professional for Woocommerce The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the ‘woof_author’ parameter in all versions up to, and including, 1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
| 2024-05-17 | CVE-2024-32680 | Unspecified vulnerability in Pluginus Husky - products Filter Professional for Woocommerce Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Control of Generation of Code ('Code Injection') vulnerability in PluginUS HUSKY – Products Filter for WooCommerce (formerly WOOF) allows Using Malicious Files, Code Inclusion.This issue affects HUSKY – Products Filter for WooCommerce (formerly WOOF): from n/a through 1.3.5.2. | 8.8 |
| 2024-03-29 | CVE-2024-30462 | Unspecified vulnerability in Pluginus Husky - products Filter Professional for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in realmag777 HUSKY – Products Filter for WooCommerce (formerly WOOF).This issue affects HUSKY – Products Filter for WooCommerce (formerly WOOF): from n/a through 1.3.5.1. | 8.8 |
| 2024-03-29 | CVE-2024-3061 | Unspecified vulnerability in Pluginus Husky - products Filter Professional for Woocommerce The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.5.2 via the 'type' parameter. | 7.2 |
| 2024-03-15 | CVE-2023-50861 | Unspecified vulnerability in Pluginus Husky - products Filter Professional for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in realmag777 HUSKY – Products Filter for WooCommerce (formerly WOOF).This issue affects HUSKY – Products Filter for WooCommerce (formerly WOOF): from n/a through 1.3.4.3. | 8.8 |
| 2023-12-20 | CVE-2023-40010 | Unspecified vulnerability in Pluginus Husky - products Filter Professional for Woocommerce Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in realmag777 HUSKY – Products Filter for WooCommerce Professional.This issue affects HUSKY – Products Filter for WooCommerce Professional: from n/a through 1.3.4.2. | 9.8 |