Vulnerabilities and security researches formin-and-max-quantity-for-woocommerce min-and-max-quantity-for-woocommerce

Jun 06, 2024

CVE, Research URL: cfd487765ed4c271aa76e8ee3559962f437ddfa0
Home page URL: Security reports for Minimum and Maximum Quantity for WooCommerce
Application: Minimum and Maximum Quantity for WooCommerce
Date: Jul 18, 2023
Research Description: Minimum and Maximum Quantity for WooCommerce [min-and-max-quantity-for-woocommerce] < 1.1.1 WordPress Minimum and Maximum Quantity for WooCommerce Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS) Update the WordPress Minimum and Maximum Quantity for WooCommerce plugin to the latest available version (at least 1.1.1). Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Minimum and Maximum Quantity for WooCommerce Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.1.1.
Affected versions: max 1.1.1.
Status: vulnerable

Dec 11, 2024

CVE, Research URL: CVE-2024-54227
Home page URL: Security reports for Minimum and Maximum Quantity for WooCommerce
Application: Minimum and Maximum Quantity for WooCommerce
Date: Dec 09, 2024
Research Description: Missing Authorization vulnerability in theDotstore Minimum and Maximum Quantity for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Minimum and Maximum Quantity for WooCommerce: from n/a through 2.0.0.
Affected versions: max 2.0.0.
Status: vulnerable