Vulnerabilities > Pluginus > High

DATE CVE VULNERABILITY TITLE RISK
2024-09-24 CVE-2024-8623 Code Injection vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter
The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.3.3.3.
network
low complexity
pluginus CWE-94
7.3
7.3
2024-09-14 CVE-2024-8271 Code Injection vulnerability in Pluginus FOX - Currency Switcher Professional for Woocommerce
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1.
network
low complexity
pluginus CWE-94
7.3
7.3
2024-01-16 CVE-2021-24566 Unspecified vulnerability in Pluginus FOX - Currency Switcher Professional for Woocommerce
The WooCommerce Currency Switcher FOX WordPress plugin before 1.3.7 was vulnerable to LFI attacks via the "woocs" shortcode.
network
low complexity
pluginus
8.8
8.8
2023-12-17 CVE-2023-49834 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus FOX - Currency Switcher Professional for Woocommerce
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 FOX – Currency Switcher Professional for WooCommerce.This issue affects FOX – Currency Switcher Professional for WooCommerce: from n/a through 1.4.1.4.
network
low complexity
pluginus CWE-352
8.8
8.8
2023-10-25 CVE-2023-46152 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7.1 versions.
network
low complexity
pluginus CWE-352
8.8
8.8
2023-10-20 CVE-2023-4920 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-352
8.8
8.8
2023-06-22 CVE-2023-34028 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and Manager Professional
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7 versions.
network
low complexity
pluginus CWE-352
8.8
8.8
2023-05-28 CVE-2023-33314 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR plugin <= 1.1.3.1 versions.
network
low complexity
pluginus CWE-352
8.8
8.8
2023-02-06 CVE-2022-4489 Unspecified vulnerability in Pluginus Husky - products Filter Professional for Woocommerce
The HUSKY WordPress plugin before 1.3.2 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.
network
low complexity
pluginus
7.2
7.2