Filtered by vendor Villatheme
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46806 | 1 Villatheme | 1 Cart All In One For Woocommerce | 2023-03-08 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All In One For WooCommerce plugin <= 1.1.10 leading to cart modification. | |||||
| CVE-2022-44634 | 1 Villatheme | 1 S2w - Import Shopify To Woocommerce | 2022-11-22 | N/A | 4.9 MEDIUM |
| Auth. (admin+) Arbitrary File Read vulnerability in S2W – Import Shopify to WooCommerce plugin <= 1.1.12 on WordPress. | |||||
| CVE-2022-41623 | 1 Villatheme | 1 Dropshipping And Fulfillment For Aliexpress And Woocommerce | 2022-10-18 | N/A | 7.5 HIGH |
| Sensitive Data Exposure in Villatheme ALD - AliExpress Dropshipping and Fulfillment for WooCommerce premium plugin <= 1.1.0 on WordPress. | |||||
| CVE-2022-1037 | 1 Villatheme | 1 Exmage | 2022-04-26 | 6.5 MEDIUM | 7.2 HIGH |
| The EXMAGE WordPress plugin before 1.0.7 does to ensure that images added via URLs are external images, which could lead to a blind SSRF issue by using local URLs | |||||
| CVE-2021-25062 | 1 Villatheme | 1 Orders Tracking For Woocommerce | 2022-01-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Orders Tracking for WooCommerce WordPress plugin before 1.1.10 does not sanitise and escape the file_url before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting | |||||