Threat-Lens CVE Hub

Products

1 vendor

Vendor	Products	CVEs	KEV	Avg EPSS	Worst Severity
onthegosystems	2	5	0	31.9%	HIGH

CVE ID	Description	Severity	CVSS	KEV	EPSS	Published
CVE-2024-44006	Missing Authorization vulnerability in Amir Helzer WooCommerce Multilingual & Multicurrency woocommerce-multilingual.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through <= 5.3.6.	HIGH	8.8	—	27.4%	Nov 1, 2024
CVE-2024-30466	Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.4.	HIGH	8.8	—	27.0%	Jun 9, 2024
CVE-2024-32602	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.3.1.	HIGH	7.2	—	41.3%	Apr 18, 2024
CVE-2020-10568	The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings.	HIGH	8.8	—	—	Mar 14, 2020
CVE-2015-9416	The sitepress-multilingual-cms (WPML) plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Language HTTP header.	MEDIUM	6.1	—	—	Sep 26, 2019