Vulnerabilities > Wisetr

DATE CVE VULNERABILITY TITLE RISK
2023-06-03 CVE-2023-2781 Missing Authentication for Critical Function vulnerability in Wisetr User Email Verification for Woocommerce
The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticate_user_by_email in versions up to, and including, 3.5.0.
network
low complexity
wisetr CWE-306
critical
9.8
2019-08-29 CVE-2018-21007 Improper Access Control vulnerability in Wisetr User Email Verification for Woocommerce
The woo-confirmation-email plugin before 3.2.0 for WordPress has no blocking of direct access to supportive xl folders inside uploads.
network
low complexity
wisetr CWE-284
critical
9.8