CVE-2025-64382

by | Nov 13, 2025

Missing Authorization vulnerability in WebToffee Order Export & Order Import for WooCommerce order-import-export-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Export & Order Import for...

CVE-2025-64381

by | Nov 13, 2025

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in wpdevelop Booking Calendar booking allows Stored XSS.This issue affects Booking Calendar: from n/a through <= 10.14.7.

CVE-2025-64380

by | Nov 13, 2025

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Stored XSS.This issue affects Booster for WooCommerce: from n/a through <= 7.3.2.

CVE-2025-64379

by | Nov 13, 2025

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through <= 7.4.0.

CVE-2025-64370

by | Nov 13, 2025

Missing Authorization vulnerability in YOP YOP Poll yop-poll allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YOP Poll: from n/a through <= 6.5.38.
Exit mobile version