Filtered by vendor Wpdesk
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-31267 | 1 Wpdesk | 1 Flexible Checkout Fields | 2024-11-21 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in WP Desk Flexible Checkout Fields for WooCommerce.This issue affects Flexible Checkout Fields for WooCommerce: from n/a through 4.1.2. | |||||
| CVE-2020-36731 | 1 Wpdesk | 1 Flexible Checkout Fields For Woocommerce | 2024-11-21 | N/A | 7.2 HIGH |
| The Flexible Checkout Fields for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Plugin Settings update, in addition to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to missing authorization checks on the updateSettingsAction() function which is called via an admin_init hook, along with missing sanitization and escaping on the settings that are stored. | |||||