Vulnerabilities > Tychesoftwares
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-22 | CVE-2019-25152 | Unspecified vulnerability in Tychesoftwares products The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 5.1.3 and 7.12.0 respectively, due to insufficient input sanitization and output escaping. | 6.1 |
| 2023-06-08 | CVE-2023-2986 | Unspecified vulnerability in Tychesoftwares Abandoned Cart Lite for Woocommerce The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. | 9.8 |
| 2023-06-07 | CVE-2020-36696 | Missing Authorization vulnerability in Tychesoftwares Product Input Fields for Woocommerce The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handle_downloads() function in versions up to, and including, 1.2.6. | 7.5 |
| 2023-05-25 | CVE-2022-45367 | Cross-Site Request Forgery (CSRF) vulnerability in Tychesoftwares Custom Order Numbers for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin <= 1.4.0 versions. | 8.8 |
| 2023-05-16 | CVE-2023-23703 | Cross-site Scripting vulnerability in Tychesoftwares Arconix Shortcodes Auth. | 5.4 |