Filtered by vendor Dpl
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25068 | 1 Dpl | 1 Sync Woocommerce Product Feed To Google Shopping | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
| The Sync WooCommerce Product feed to Google Shopping WordPress plugin through 1.2.4 uses the 'feed_id' POST parameter which is not properly sanitized for use in a SQL statement, leading to a SQL injection vulnerability in the admin dashboard | |||||
| CVE-2021-24511 | 1 Dpl | 1 Product Feed On Woocommerce | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
| The fetch_product_ajax functionality in the Product Feed on WooCommerce WordPress plugin before 3.3.1.0 uses a `product_id` POST parameter which is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. | |||||