Zaytech Smart Online Order For Clover — known CVE vulnerabilities
Every CVE whose affected-product data names Zaytech Smart Online Order For Clover, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2023-46312 — CVSS 7.1 (high): Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Zaytech Smart Online Order for Clover plugin <= 1.5.4 versions.
CVE-2024-7032 — CVSS 6.5 (medium): The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the…
CVE-2024-29115 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zaytech Smart Online Order for Clover…
CVE-2024-9895 — CVSS 6.4 (medium): The Smart Online Order for Clover plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's moo_receipt_link…
CVE-2024-8787 — CVSS 6.1 (medium): The Smart Online Order for Clover plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg &…
CVE-2024-31238 — CVSS 5.4 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Zaytech Smart Online Order for Clover.This issue affects Smart Online Order for Clover…
CVE-2024-43253 — CVSS 5.3 (medium): Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for…
CVE-2024-43254 — CVSS 4.3 (medium): Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for…
CVE-2024-7030 — CVSS 4.3 (medium): The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check…