Filtered by vendor Villatheme
Subscribe
Filtered by product Woocommerce Thank You Page Customizer
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-1687 | 1 Villatheme | 1 Woocommerce Thank You Page Customizer | 2025-01-15 | N/A | 5.4 MEDIUM |
| The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to unauthorized execution of shortcodes due to a missing capability check on the get_text_editor_content() function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to execute arbitrary shortcodes. | |||||
| CVE-2024-1686 | 1 Villatheme | 1 Woocommerce Thank You Page Customizer | 2025-01-15 | N/A | 5.3 MEDIUM |
| The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to missing authorization e in all versions up to, and including, 1.1.2 via the apply_layout function due to a missing capability check. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve arbitrary order data which may contain PII. | |||||
| CVE-2022-46810 | 1 Villatheme | 1 Woocommerce Thank You Page Customizer | 2025-01-15 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions. | |||||
| CVE-2022-46812 | 1 Villatheme | 1 Woocommerce Thank You Page Customizer | 2025-01-15 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions. | |||||