Vulnerabilities > Tychesoftwares
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-29 | CVE-2024-10226 | Cross-site Scripting vulnerability in Tychesoftwares Arconix Shortcodes The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'box' shortcode in all versions up to, and including, 2.1.13 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-10-18 | CVE-2024-9703 | Cross-site Scripting vulnerability in Tychesoftwares Arconix Shortcodes The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button' shortcode in all versions up to, and including, 2.1.12 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-10-04 | CVE-2024-9345 | Cross-site Scripting vulnerability in Tychesoftwares Product Delivery Date for Woocommerce The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.7.3. | 6.1 |
2024-02-05 | CVE-2024-0678 | Cross-site Scripting vulnerability in Tychesoftwares Order Delivery Date for WP E-Commerce 1.2 The Order Delivery Date for WP e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'available-days-tf' parameter in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. | 6.1 |
2024-01-16 | CVE-2023-0479 | Cross-site Scripting vulnerability in Tychesoftwares Print Invoice & Delivery Notes for Woocommerce The Print Invoice & Delivery Notes for WooCommerce WordPress plugin before 4.7.2 is vulnerable to reflected XSS by echoing a GET value in an admin note within the WooCommerce orders page. | 6.1 |
2023-10-16 | CVE-2023-44986 | Cross-site Scripting vulnerability in Tychesoftwares Abandoned Cart Lite for Woocommerce Auth. | 4.8 |
2023-10-10 | CVE-2023-41858 | Unspecified vulnerability in Tychesoftwares Order Delivery Date for Woocommerce 1.0/1.1/1.2 Cross-Site Request Forgery (CSRF) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <= 1.2 versions. | 8.8 |
2023-10-02 | CVE-2023-41859 | Unspecified vulnerability in Tychesoftwares Order Delivery Date for WP E-Commerce 1.2 Auth. | 4.8 |
2023-09-25 | CVE-2023-41874 | Cross-site Scripting vulnerability in Tychesoftwares Order Delivery Date for Woocommerce Unauth. | 6.1 |
2023-06-22 | CVE-2019-25152 | Unspecified vulnerability in Tychesoftwares products The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 5.1.3 and 7.12.0 respectively, due to insufficient input sanitization and output escaping. | 6.1 |