Vulnerabilities > Villatheme
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-21 | CVE-2023-50831 | Cross-site Scripting vulnerability in Villatheme Curcy Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme CURCY – Multi Currency for WooCommerce allows Stored XSS.This issue affects CURCY – Multi Currency for WooCommerce: from n/a through 2.2.0. | 5.4 |
2023-12-18 | CVE-2023-48778 | Cross-Site Request Forgery (CSRF) vulnerability in Villatheme Product Size Chart for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Product Size Chart For WooCommerce.This issue affects Product Size Chart For WooCommerce: from n/a through 1.1.5. | 8.8 |
2023-09-04 | CVE-2023-4216 | Unspecified vulnerability in Villatheme Orders Tracking for Woocommerce The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url parameter when importing a CSV file, allowing high privilege users with the manage_woocommerce capability to access any file on the web server via a Traversal attack. | 2.7 |
2023-08-08 | CVE-2023-30482 | Cross-site Scripting vulnerability in Villatheme Wpbulky Auth. | 5.4 |
2023-07-01 | CVE-2021-4395 | Unspecified vulnerability in Villatheme Abandoned Cart Recovery for Woocommerce The Abandoned Cart Recovery for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.4. | 6.5 |
2023-06-07 | CVE-2021-4379 | Unspecified vulnerability in Villatheme Woocommerce Multi Currency 2.1.17 The WooCommerce Multi Currency plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wmc_bulk_fixed_price function in versions up to, and including, 2.1.17. | 6.5 |
2023-05-25 | CVE-2022-46810 | Cross-Site Request Forgery (CSRF) vulnerability in Villatheme Thank YOU Page Customizer for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions. | 8.8 |
2023-05-25 | CVE-2022-46812 | Cross-Site Request Forgery (CSRF) vulnerability in Villatheme Thank YOU Page Customizer for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions. | 8.8 |
2023-03-01 | CVE-2022-46806 | Cross-Site Request Forgery (CSRF) vulnerability in Villatheme Cart ALL in ONE for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All In One For WooCommerce plugin <= 1.1.10 leading to cart modification. | 4.3 |
2022-11-18 | CVE-2022-44634 | Unspecified vulnerability in Villatheme S2W - Import Shopify to Woocommerce Auth. | 4.9 |