Vulnerabilities > Zixn > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-13 | CVE-2024-10853 | Missing Authorization vulnerability in Zixn BUY ONE Click Woocommerce The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the removeorder AJAX action in all versions up to, and including, 2.2.9. | 4.3 |
| 2024-11-13 | CVE-2024-10854 | Missing Authorization vulnerability in Zixn BUY ONE Click Woocommerce The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the buy_one_click_import_options AJAX action in all versions up to, and including, 2.2.9. | 4.3 |
| 2024-02-12 | CVE-2024-24932 | Cross-site Scripting vulnerability in Zixn VK Poster Group 2.0.3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Djo VK Poster Group allows Reflected XSS.This issue affects VK Poster Group: from n/a through 2.0.3. | 6.1 |