Ali2woo Aliexpress Dropshipping With Alinext — known CVE vulnerabilities
Every CVE whose affected-product data names Ali2woo Aliexpress Dropshipping With Alinext, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-2381 — CVSS 8.8 (high): The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type…
CVE-2024-37212 — CVSS 8.3 (high): Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Ali2Woo Lite.This issue affects Ali2Woo Lite: from n/a through 3.3.5.
CVE-2024-37211 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ali2Woo Team Ali2Woo Lite…
CVE-2024-4450 — CVSS 6.3 (medium): The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check…