cleantalk

Vulnerabilities and Security Researches

Vulnerabilities and security researches for smart-manager-for-wp-e-commerce

Direction: ascending

Jun 07, 2024

Smart Manager – WooCommerce Bulk Edit Products, Orders, Coupons, Any WordPress Post Type (Advanced) # CVE-2024-0566

CVE, Research URL

CVE-2024-0566

Date
Feb 12, 2024
Research Description
The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.
Affected versions
Min -, max -.
Status
vulnerable

Smart Manager – WooCommerce Bulk Edit Products, Orders, Coupons, Any WordPress Post Type (Advanced) # 54ee094a291c85ad46e95bf98a3a744d98443fda

Date
Jul 08, 2015
Research Description
WooCommerce Bulk Edit Products, Orders, Coupons, Any WordPress Post Type (Advanced) &#8211; Smart Manager [smart-manager-for-wp-e-commerce] < 3.9.7 WordPress Smart Manager Plugin <= 3.9.6 - SQL Injection Because of this vulnerability, unauthenticated remote attackers can execute arbitrary SQL commands. Update the plugin.
Affected versions
Min -, max -.
Status
vulnerable

Oct 24, 2024

Smart Manager – WooCommerce Bulk Edit Products, Orders, Coupons, Any WordPress Post Type (Advanced) # CVE-2024-49687

CVE, Research URL

CVE-2024-49687

Date
Dec 31, 2024
Research Description
Missing Authorization vulnerability in StoreApps Smart Manager.This issue affects Smart Manager: from n/a through 8.45.0.
Affected versions
Min -, max -.
Status
vulnerable

Jan 19, 2025

Smart Manager – WooCommerce Bulk Edit Products, Orders, Coupons, Any WordPress Post Type (Advanced) # CVE-2025-22710

CVE, Research URL

CVE-2025-22710

Date
-
Research Description
WooCommerce Advanced Bulk Edit Products, Orders, Coupons, Any WordPress Post Type &#8211; Smart Manager [smart-manager-for-wp-e-commerce] < 8.53.0 CVE-2025-22710
Affected versions
Min -, max -.
Status
vulnerable