Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Woocommerce_thank_you_page_customizer
(Villatheme)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-05-25 | CVE-2022-46812 | Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions. | Woocommerce_thank_you_page_customizer | 8.8 | ||
| 2023-05-25 | CVE-2022-46810 | Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions. | Woocommerce_thank_you_page_customizer | 8.8 | ||
| 2024-02-27 | CVE-2024-1686 | The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to missing authorization e in all versions up to, and including, 1.1.2 via the apply_layout function due to a missing capability check. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve arbitrary order data which may contain PII. | Woocommerce_thank_you_page_customizer | 6.5 | ||
| 2024-02-27 | CVE-2024-1687 | The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to unauthorized execution of shortcodes due to a missing capability check on the get_text_editor_content() function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to execute arbitrary shortcodes. | Woocommerce_thank_you_page_customizer | N/A |