Vulnerabilities > Villatheme

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-01	CVE-2022-46806	Cross-Site Request Forgery (CSRF) vulnerability in Villatheme Cart ALL in ONE for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All In One For WooCommerce plugin <= 1.1.10 leading to cart modification. network low complexity villatheme CWE-352	4.3
2022-11-18	CVE-2022-44634	Unspecified vulnerability in Villatheme S2W - Import Shopify to Woocommerce Auth. network low complexity villatheme	4.9
2022-10-14	CVE-2022-41623	Unspecified vulnerability in Villatheme Dropshipping and Fulfillment for Aliexpress and Woocommerce Sensitive Data Exposure in Villatheme ALD - AliExpress Dropshipping and Fulfillment for WooCommerce premium plugin <= 1.1.0 on WordPress. network low complexity villatheme	7.5
2022-04-18	CVE-2022-1037	Server-Side Request Forgery (SSRF) vulnerability in Villatheme Exmage The EXMAGE WordPress plugin before 1.0.7 does to ensure that images added via URLs are external images, which could lead to a blind SSRF issue by using local URLs network low complexity villatheme CWE-918	7.2
2022-01-24	CVE-2021-25062	Cross-site Scripting vulnerability in Villatheme Orders Tracking for Woocommerce The Orders Tracking for WooCommerce WordPress plugin before 1.1.10 does not sanitise and escape the file_url before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting network low complexity villatheme CWE-79	6.1

Vulnerabilities > Villatheme {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Villatheme"}]}