Digireturn

digireturn

3 CVEs • 3 products

Products (3)

Click to collapse

Toggle

Footer Contacts Bar

footer_contacts_bar

Shipping By Weight For Woocommerce

shipping_by_weight_for_woocommerce

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-11842 1Digireturn 1Shipping By Weight For Woocommerce May 17, 2025 Dec 27, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The DN Shipping by Weight for WooCommerce WordPress plugin before 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
CVE-2024-7690 1Digireturn 1Dn Popup Oct 7, 2024 Sep 2, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
CVE-2024-3410 1Digireturn 1Footer Contacts Bar Jun 17, 2026 Jul 9, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The DN Footer Contacts WordPress plugin before 1.6.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the un...Show more The DN Footer Contacts WordPress plugin before 1.6.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)Show less