Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3
Critical0
High0
Medium3
Reset
Showing 1-3 of 3 records
Threat Entry Updated 2024-11-21

CVE-2022-0234 - Woocs Plugin

The WOOCS WordPress plugin before 1.3.7.5 does not sanitise and escape the woocs_in_order_currency parameter of the woocs_get_products_price_html AJAX action (available to both unauthenticated and authenticated users) before outputting it back in the response, leading to a Reflected Cross-Site Scripting

PLUGIN Woocs

CVE-2022-0234

MEDIUM CVSS 6.1 2022-02-21
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2021-25043 - Woocs Plugin

The WOOCS WordPress plugin before 1.3.7.3 does not sanitise and escape the custom_prices parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue

PLUGIN Woocs

CVE-2021-25043

MEDIUM CVSS 6.1 2022-01-10
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2021-24938 - Woocs Plugin

The WOOCS WordPress plugin before 1.3.7.1 does not sanitise and escape the key parameter of the woocs_update_profiles_data AJAX action (available to any authenticated user) before outputting it back in the response, leading to a Reflected cross-Site Scripting issue

PLUGIN Woocs

CVE-2021-24938

MEDIUM CVSS 6.1 2021-12-06
Open Full Technical Breakdown
Scroll to top