← Back

Tychesoftwares

tychesoftwares

24 CVEs • 11 products

Products (11)

Click to collapse
Toggle
Arconix Shortcodes
arconix_shortcodes
5 CVEs
Abandoned Cart Lite For Woocommerce
abandoned_cart_lite_for_woocommerce
4 CVEs
Order Delivery Date For Woocommerce
order_delivery_date_for_woocommerce
4 CVEs
Product Input Fields For Woocommerce
product_input_fields_for_woocommerce
3 CVEs
Order Delivery Date For Wp E Commerce
order_delivery_date_for_wp_e-commerce
2 CVEs
Print Invoice & Delivery Notes For Woocommerce
print_invoice_&_delivery_notes_for_woocommerce
2 CVEs
Custom Order Numbers For Woocommerce
custom_order_numbers_for_woocommerce
1 CVE
Abandoned Cart Pro For Woocommerce
abandoned_cart_pro_for_woocommerce
1 CVE
Product Delivery Date For Woocommerce
product_delivery_date_for_woocommerce
1 CVE
Arconix Faq
arconix_faq
1 CVE
Order Delivery Date Pro For Woocommerce
order_delivery_date_pro_for_woocommerce
1 CVE

CVEs (24)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-2986
1Tychesoftwares
1Abandoned Cart Lite For Woocommerce
Apr 8, 2026
Jun 8, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the a...Show more
The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows unauthenticated attackers to log in as users who have abandoned the cart, who are typically customers. Further security hardening was introduced in version 5.15.1 that ensures sites are no longer vulnerable through historical check-out links, and additional hardening was introduced in version 5.15.2 that ensured null key values wouldn't permit the authentication bypass.Show less
CVE-2020-36696
1Tychesoftwares
1Product Input Fields For Woocommerce
Apr 8, 2026
Jun 7, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handle_downloads() function in versions up to, and including, 1.2.6. This makes...Show more
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handle_downloads() function in versions up to, and including, 1.2.6. This makes it possible for unauthenticated attackers to download files from the vulnerable service.Show less
CVE-2022-45367
1Tychesoftwares
1Custom Order Numbers For Woocommerce
Nov 21, 2024
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin <= 1.4.0 versions.
CVE-2023-23703
1Tychesoftwares
1Arconix Shortcodes
Nov 21, 2024
May 16, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Tyche Softwares Arconix Shortcodes plugin <= 2.1.7 versions.