← Back

Order Delivery Date For Woocommerce

order_delivery_date_for_woocommerce

Vendor: Tychesoftwares • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-2942
1Tychesoftwares
1Order Delivery Date For Woocommerce
Jul 17, 2025
Jul 11, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The Order Delivery Date WordPress plugin before 12.6.0 discloses arbitrary post title (such as from draft and private posts) via an unauthenticated AJAX action, allowing attackers to retrieve such information
CVE-2025-2929
1Tychesoftwares
1Order Delivery Date For Woocommerce
Jun 12, 2025
May 20, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
The Order Delivery Date WordPress plugin before 12.4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privileg...Show more
The Order Delivery Date WordPress plugin before 12.4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as adminShow less
CVE-2023-41858
1Tychesoftwares
1Order Delivery Date For Woocommerce
Nov 21, 2024
Oct 10, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <= 1.2 versions.
CVE-2023-41874
1Tychesoftwares
1Order Delivery Date For Woocommerce
Nov 21, 2024
Sep 25, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Tyche Softwares Order Delivery Date for WooCommerce plugin <= 3.20.0 versions.