← Back

Piwebsolution

piwebsolution

11 CVEs • 9 products

Products (9)

Click to collapse
Toggle

CVEs (11)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Piwebsolution
1Product Enquiry For Woocommerce
Jun 17, 2026
Sep 27, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untrusted input in enquir...Show more
The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untrusted input in enquiry_detail.php. This makes it possible for authenticated attackers, with Author-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.Show less
2Gravitymaster
Piwebsolution
2Product Enquiry For Woocommerce
Product Enquiry For Woocommerce
Jun 17, 2026
Jan 16, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
The Product Enquiry for WooCommerce WordPress plugin before 3.2 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used a...Show more
The Product Enquiry for WooCommerce WordPress plugin before 3.2 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as adminShow less
1Piwebsolution
1Advanced Free Flat Shipping Woocommerce
Jun 17, 2026
Jul 11, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin <= 1.6.4.4 versions.
1Piwebsolution
1Cancel Order Request / Return Order / Repeat Order / Reorder For Woocommerce
Jun 17, 2026
Jun 26, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Cancel order request / Return order / Repeat Order / Reorder for WooCommerce plugin <= 1.3.2 versions.
1Piwebsolution
1Conditional Cart Fee / Extra Charge Rule For Woocommerce Extra Fees
Jun 17, 2026
Jun 26, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PI Websolution Conditional cart fee plugin <= 1.0.96 versions.
1Piwebsolution
1Pi Woocommerce Order Date Time And Type
Jun 17, 2026
Jun 26, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Order date, Order pickup, Order date time, Pickup Location, delivery date for WooCommerce plugin <= 3.0.19 versions.
1Piwebsolution
1Add To Cart Direct Checkout For Woocommerce
Jun 17, 2026
Jun 26, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Direct checkout, Add to cart redirect, Quick purchase button, Buy now button, Quick View button for WooCommerce plugin <= 2.1.48 versions.
1Piwebsolution
1Product Enquiry For Woocommerce
Jun 17, 2026
Apr 7, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI Websolution Product Enquiry for WooCommerce, WooCommerce product catalog plugin <= 2.2.12 versions.
1Piwebsolution
1Product Page Shipping Calculator For Woocommerce
Jun 17, 2026
Apr 7, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI Websolution Product page shipping calculator for WooCommerce plugin <= 1.3.20 versions.
1Piwebsolution
1Css Js Manager, Async Javascript, Defer Render Blocking Css Supports Woocommerce
Jun 17, 2026
Mar 14, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Pi Websolution CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce plugin <= 2.4.49 versions.
1Piwebsolution
1Export Customers List Csv For Woocommerce
Jun 17, 2026
Nov 28, 2022
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list WordPress plugin before 2.0.69 does not validate data when outputting it back in a CSV file, which could lead to CSV injectio...Show more
The Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list WordPress plugin before 2.0.69 does not validate data when outputting it back in a CSV file, which could lead to CSV injection.Show less