Vulnerabilities and security researches forth-all-in-one-woo-cart th-all-in-one-woo-cart

Jun 10, 2024

CVE, Research URL: CVE-2023-25969
Home page URL: Security reports for Floating Cart and Menu Cart for WooCommerce
Application: Floating Cart and Menu Cart for WooCommerce
Date: Jun 11, 2026
Research Description: Missing Authorization vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Contact Form & Lead Form Elementor Builder: from n/a through 1.8.4.
Affected versions: max 1.1.2.
Status: vulnerable

Jun 06, 2024

CVE, Research URL: 91d4cb1651cdc81a8df232a36b3b45db6b8a59c5
Home page URL: Security reports for Floating Cart and Menu Cart for WooCommerce
Application: Floating Cart and Menu Cart for WooCommerce
Date: Mar 22, 2023
Research Description: WooCommerce Shopping & Floating Cart [th-all-in-one-woo-cart] < 1.1.2 WordPress TH Side Cart and Menu Cart for Woocommerce Plugin <= 1.1.1 is vulnerable to Broken Access Control Update the WordPress TH Side Cart and Menu Cart for Woocommerce plugin to the latest available version (at least 1.1.2). Lana Codes discovered and reported this Broken Access Control vulnerability in WordPress TH Side Cart and Menu Cart for Woocommerce Plugin. This vulnerability has been fixed in version 1.1.2.
Affected versions: max 1.1.2.
Status: vulnerable