Vulnerabilities > Standalonetech > Terawallet > 1.4.0

DATE CVE VULNERABILITY TITLE RISK
2024-04-18 CVE-2024-32584 Unspecified vulnerability in Standalonetech Terawallet
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StandaloneTech TeraWallet – For WooCommerce allows Stored XSS.This issue affects TeraWallet – For WooCommerce: from n/a through 1.5.0.
network
low complexity
standalonetech
4.8
2022-11-29 CVE-2022-3995 Authorization Bypass Through User-Controlled Key vulnerability in Standalonetech Terawallet
The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.4.3.
network
low complexity
standalonetech CWE-639
4.3