← Back

Zixn

zixn

4 CVEs • 3 products

Products (3)

Click to collapse
Toggle

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Zixn
1Buy One Click Woocommerce
Jun 17, 2026
Nov 13, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the buy_one_click_import_options AJAX action in all versions up to, and including...Show more
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the buy_one_click_import_options AJAX action in all versions up to, and including, 2.2.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import plugin settings.Show less
1Zixn
1Buy One Click Woocommerce
Jun 17, 2026
Nov 13, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the removeorder AJAX action in all versions up to, and including, 2.2.9. This mak...Show more
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the removeorder AJAX action in all versions up to, and including, 2.2.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete Buy one click WooCommerce orders.Show less
1Zixn
1Vk Poster Group
Jun 17, 2026
Feb 12, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Djo VK Poster Group allows Reflected XSS.This issue affects VK Poster Group: from n/a through 2.0.3.
1Zixn
1Original Texts Yandex Webmaster
Jun 17, 2026
Nov 6, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Djo Original texts Yandex WebMaster plugin <= 1.18 versions.