Vulnerabilities and security researches forwoocommerce-country-based-payments woocommerce-country-based-payments

Jun 07, 2024

CVE, Research URL: 877b9f7a2c1fe14665b53c153c65f00bc577a11a
Home page URL: Security reports for Country Based Payments for WooCommerce
Application: Country Based Payments for WooCommerce
Date: Feb 28, 2022
Research Description: Country Based Payments for WooCommerce [woocommerce-country-based-payments] < 1.4.1 WordPress WooCommerce – Country Based Payments plugin <= 1.4 - Sensitive Information Disclosure vulnerability Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce – Country Based Payments plugin (versions <= 1.4).
Affected versions: max 1.4.1.
Status: vulnerable

Nov 15, 2024

CVE, Research URL: CVE-2022-4974
Home page URL: Security reports for Country Based Payments for WooCommerce
Application: Country Based Payments for WooCommerce
Date: Oct 16, 2024
Research Description: The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
Affected versions: max 1.4.1.
Status: vulnerable