Filtered by vendor Thisfunctional
Subscribe
Filtered by product Ctt Expresso Para Woocommerce
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-6687 | 1 Thisfunctional | 1 Ctt Expresso Para Woocommerce | 2024-11-23 | N/A | 5.3 MEDIUM |
| The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information exposure in all versions up to and including 3.2.12 via the /wp-content/uploads/cepw directory. The generated .pdf and log files are publicly accessible and contain sensitive information such as sender and receiver names, phone numbers, physical addresses, and email addresses | |||||
| CVE-2022-47589 | 1 Thisfunctional | 1 Ctt Expresso Para Woocommerce | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in this.Functional CTT Expresso para WooCommerce plugin <= 3.2.11 versions. | |||||