Skip to main content

Doofinder

3 CVEs product

Monthly

CVE-2024-25596 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Doofinder Doofinder for WooCommerce allows Stored XSS.1.8. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Doofinder
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2023-40602 MEDIUM This Month

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Doofinder Doofinder WP & WooCommerce Search.5.49. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect WordPress Doofinder
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2023-49185 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Doofinder Doofinder WP & WooCommerce Search allows Reflected XSS.1.7. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Doofinder
NVD
CVSS 3.1
7.1
EPSS
0.2%
EPSS 0% CVSS 5.9
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Doofinder Doofinder for WooCommerce allows Stored XSS.1.8. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Doofinder
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Doofinder Doofinder WP & WooCommerce Search.5.49. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect WordPress Doofinder
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Doofinder Doofinder WP & WooCommerce Search allows Reflected XSS.1.7. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Doofinder
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy