Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Piwebsolution Subscribe
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-7151 1 Piwebsolution 1 Product Enquiry For Woocommerce 2024-01-23 N/A 6.1 MEDIUM
The Product Enquiry for WooCommerce WordPress plugin before 3.2 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
CVE-2023-29170 1 Piwebsolution 1 Product Enquiry For Woocommerce 2023-11-07 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI Websolution Product Enquiry for WooCommerce, WooCommerce product catalog plugin <= 2.2.12 versions.
CVE-2023-29094 1 Piwebsolution 1 Product Page Shipping Calculator For Woocommerce 2023-11-07 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI Websolution Product page shipping calculator for WooCommerce plugin <= 1.3.20 versions.
CVE-2022-47154 1 Piwebsolution 1 Css Js Manager\, Async Javascript\, Defer Render Blocking Css Supports Woocommerce 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Pi Websolution CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce plugin <= 2.4.49 versions.
CVE-2022-3603 1 Piwebsolution 1 Export Customers List Csv For Woocommerce 2023-11-07 N/A 9.8 CRITICAL
The Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list WordPress plugin before 2.0.69 does not validate data when outputting it back in a CSV file, which could lead to CSV injection.
CVE-2023-34015 1 Piwebsolution 1 Advanced-free-flat-shipping-woocommerce 2023-07-18 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin <= 1.6.4.4 versions.
CVE-2023-28988 1 Piwebsolution 1 Add-to-cart-direct-checkout-for-woocommerce 2023-07-05 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Direct checkout, Add to cart redirect, Quick purchase button, Buy now button, Quick View button for WooCommerce plugin <= 2.1.48 versions.
CVE-2023-28991 1 Piwebsolution 1 Pi-woocommerce-order-date-time-and-type 2023-07-05 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Order date, Order pickup, Order date time, Pickup Location, delivery date for WooCommerce plugin <= 3.0.19 versions.
CVE-2023-29093 1 Piwebsolution 1 Conditional Cart Fee \/ Extra Charge Rule For Woocommerce Extra Fees 2023-07-03 N/A 4.8 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PI Websolution Conditional cart fee plugin <= 1.0.96 versions.
CVE-2023-29423 1 Piwebsolution 1 Cancel Order Request \/ Return Order \/ Repeat Order \/ Reorder For Woocommerce 2023-07-03 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Cancel order request / Return order / Repeat Order / Reorder for WooCommerce plugin <= 1.3.2 versions.