cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-1687,https://securityvulnerability.io/vulnerability/CVE-2024-1687,Unauthorized Execution of Shortcodes Vulnerability Affects WooCommerce Plugin,"The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to unauthorized execution of shortcodes due to a missing capability check on the get_text_editor_content() function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to execute arbitrary shortcodes.",Wordpress,Thank You Page Customizer For WooCommerce – Increase Your Sales,5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-02-27T05:33:11.820Z,0
CVE-2024-1686,https://securityvulnerability.io/vulnerability/CVE-2024-1686,Arbitrary Order Data Exposure in WooCommerce Plugin,"The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to missing authorization e in all versions up to, and including, 1.1.2 via the apply_layout function due to a missing capability check. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve arbitrary order data which may contain PII.",Wordpress,Thank You Page Customizer For WooCommerce – Increase Your Sales,6.5,MEDIUM,0.0005200000014156103,false,,false,false,false,,false,false,2024-02-27T05:33:11.199Z,0