Directsoftware Order Attachments For Woocommerce — known CVE vulnerabilities
Every CVE whose affected-product data names Directsoftware Order Attachments For Woocommerce, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2024-13638 — CVSS 5.9 (medium): The Order Attachments for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and…
CVE-2024-9756 — CVSS 4.3 (medium): The Order Attachments for WooCommerce plugin for WordPress is vulnerable to unauthorized limited arbitrary file uploads due to a missing…