In Wallet for WooCommerce plugin versions up to 1.5.6 a medium severity vulnerability CVE-2024-7747 was detected. This vulnerability allows attackers with Subscriber access or higher to generate fake funds and transfer them to users or themselves. They could also request withdrawals if approved by an admin. To address this issue, users must upgrade to Wallet for WooCommerce version 1.5.7 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-7747.
Read more E-commerceIn PrestaShop version 8.1.4 a medium severity vulnerability CVE-2024-36626 was detected. This vulnerability allows attackers to exploit the function with malformed inputs, potentially causing the application to crash or resulting in a denial of service (DoS). To fix this issue, users should upgrade PrestaShop to version 8.1.5. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-36626.
Read more E-commerceIn WooCommerce in all versions up to and including 2.2.9 a medium severity vulnerability CVE-2024-10852 was detected. This vulnerability allows attackers with low-level access to export plugin settings, potentially exposing sensitive data. To fix this problem, users should upgrade to the latest version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-10852.
Read more E-commerceIn WooCommerce in all versions up to and including 2.2.9 a medium severity vulnerability CVE-2024-10854 was detected. This vulnerability allows attackers with low-level access to import and modify plugin settings, potentially compromising data. To fix this problem, users should upgrade to the latest version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-10854.
Read more E-commerceIn WooCommerce versions up to and including 5.3.9 of the Laybuy Payment Extension a medium severity vulnerability CVE-2024-37203 was detected. This vulnerability allows attackers to exploit incorrectly configured access control security levels. Currently there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-37203.
Read more E-commerceIn WooCommerce Customers Order History plugin versions up to 5.2.2 a medium severity vulnerability CVE-2024-37201 was detected. This issue allows attackers to misuse access control settings. Currently, there is no fix for this vulnerability. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-37201.
Read more E-commerceIn Waitlist plugin for WooCommerce versions up to 2.6 a medium severity vulnerability CVE-2024-43134 was detected. This vulnerability allows attackers to gain unauthorized access to certain WooCommerce waitlist features by exploiting improper security settings. To fix this issue, users should upgrade Waitlist WooCommerce plugin to version 2.6.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-43134.
Read more E-commerceIn Print Barcode Labels plugin for WooCommerce versions up to 3.4.9 a medium severity vulnerability CVE-2024-43310 was detected. This vulnerability allows attackers to gain unauthorized access to barcode printing features for WooCommerce products and orders. To fix this issue, users should upgrade Print Barcode Labels plugin for WooCommerce to version 3.4.10. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-43310.
Read more E-commerceIn WPClever WPC Frequently Bought Together plugin for WooCommerce versions up to 7.1.9 a medium severity vulnerability CVE-2024-43312 was detected. This vulnerability allows attackers to gain unauthorized access to features of the WPC Frequently Bought Together plugin for WooCommerce by exploiting weak access control settings, potentially letting them manipulate or view sensitive data related to purchased products. To fix this issue, users should upgrade WPClever WPC Frequently Bought Together plugin for WooCommerce to version 7.2.0. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-43312.
Read more E-commerce