RSS   Podatności dla 'Ppom for woocommerce'   RSS

2022-02-14
 
CVE-2021-25018

CWE-862
 

 
The PPOM for WooCommerce WordPress plugin before 24.0 does not have authorisation and CSRF checks in the ppom_settings_panel_action AJAX action, allowing any authenticated to call it and set arbitrary settings. Furthermore, due to the lack of sanitisation and escaping, it could lead to Stored XSS issues

 

 >>> Vendor: Najeebmedia 3 Produkty
N-media file uploader
Personalized woocommerce cart page
Ppom for woocommerce


Copyright 2024, cxsecurity.com

 

Back to Top