Filtered by vendor Wpswings
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-25100 | 1 Wpswings | 1 Coupon Referral Program | 2024-10-08 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2. | |||||
| CVE-2021-4391 | 1 Wpswings | 1 Ultimate Gift Cards For Woocommerce | 2024-02-04 | N/A | 4.3 MEDIUM |
| The Ultimate Gift Cards for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the mwb_wgm_save_post() function. This makes it possible for unauthenticated attackers to modify product gift card details via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | |||||