cbcvebase.

Wpmarketingrobot Woocommerce Google Feed Manager vulnerabilities

3 known vulnerabilities affecting wpmarketingrobot/woocommerce_google_feed_manager.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2024-7258P2HIGHCVSS 8.8fixed in 2.9.02024-08-23
CVE-2024-7258 [HIGH] CWE-862 CVE-2024-7258: The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to unauthorized loss of data The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wppfm_removeFeedFile' function in all versions up to, and including, 2.8.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary files on the server, whic
nvd
CVE-2024-3067P3HIGHCVSS 7.2fixed in 2.6.02024-04-16
CVE-2024-3067 [HIGH] CWE-89 CVE-2024-3067: The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to SQL Injection via the 'id' The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level ac
nvd
CVE-2024-29112P4MEDIUMCVSS 4.8fixed in 2.3.02024-03-19
CVE-2024-29112 [MEDIUM] CWE-79 CVE-2024-29112: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Marketing Robot WooCommerce Google Feed Manager allows Stored XSS.This issue affects WooCommerce Google Feed Manager: from n/a through 2.2.0.
nvd