Tychesoftwares Order Delivery Date For Woocommerce — known CVE vulnerabilities
Every CVE whose affected-product data names Tychesoftwares Order Delivery Date For Woocommerce, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-41874 — CVSS 7.1 (high): Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Tyche Softwares Order Delivery Date for WooCommerce plugin <= 3.20.0 versions.
CVE-2025-2929 — CVSS 7.1 (high): The Order Delivery Date WordPress plugin before 12.4.0 does not sanitise and escape a parameter before outputting it back in the page…
CVE-2023-41858 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <= 1.2 versions.
CVE-2025-2942 — CVSS 4.3 (medium): The Order Delivery Date WordPress plugin before 12.6.0 discloses arbitrary post title (such as from draft and private posts) via an…