Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ppom_for_woocommerce
(Najeebmedia)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-02-14 | CVE-2021-25018 | The PPOM for WooCommerce WordPress plugin before 24.0 does not have authorisation and CSRF checks in the ppom_settings_panel_action AJAX action, allowing any authenticated to call it and set arbitrary settings. Furthermore, due to the lack of sanitisation and escaping, it could lead to Stored XSS issues | Ppom_for_woocommerce | 5.4 | ||
| 2019-08-12 | CVE-2019-14948 | The woocommerce-product-addon plugin before 18.4 for WordPress has XSS via an import of a new meta data structure. | Ppom_for_woocommerce | 5.4 |