CVEDB API

Vulnerabilities

Vulnerable Software

Zorem: >> Advanced Local Pickup For Woocommerce >> 1.2.6 Security Vulnerabilities

CVE-2024-31283

Missing Authorization vulnerability in zorem Advanced Local Pickup for WooCommerce.This issue affects Advanced Local Pickup for WooCommerce: from n/a through 1.6.2.

CVSS Score

7.5

EPSS Score

0.008

Published

2024-06-09

CVE-2022-40702

Missing Authorization vulnerability in Zorem Advanced Local Pickup for WooCommerce.This issue affects Advanced Local Pickup for WooCommerce: from n/a through 1.5.2.

CVSS Score

5.4

EPSS Score

0.0

Published

2024-01-17

CVE-2023-2841

The Advanced Local Pickup for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the id parameter in versions up to, and including, 1.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with admin-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVSS Score

7.2

EPSS Score

0.005

Published

2023-11-22

Page 1

Vulnerabilities

Vulnerable Software

Zorem: >> Advanced Local Pickup For Woocommerce >> 1.2.6 Security Vulnerabilities

Products

Pricing

Contact Us