FOX – Currency Switcher Professional for WooCommerce

Information

Software Type Plugin
Software Slug woocommerce-currency-switcher (view on wordpress.org)
Software Status Active
Software Author realmag777
Software Website currency-switcher.com
Software Downloads 1,837,471
Software Active Installs 60,000
Software Record Last Updated November 19, 2024

13 Vulnerabilities

Title Status CVE ID CVSS Researchers Date
The FOX – Currency Switcher Professional for WooCommerce <= 1.4.2.2 - Unauthenticated Arbitrary Shortcode Execution Patched CVE-2024-10640 7.3 mikemyers November 8, 2024
FOX – Currency Switcher Professional for WooCommerce <= 1.4.2.1 - Unauthenticated Arbitrary Shortcode Execution Patched CVE-2024-8271 7.3 Arkadiusz Hydzik September 13, 2024
WOOCS – WooCommerce Currency Switcher <= 1.4.2 - Missing Authorization Patched CVE-2024-43297 4.3 Ananda Dhakal August 16, 2024
FOX – Currency Switcher Professional for WooCommerce <= 1.4.1.8 - Unauthenticated Arbitrary Shortcode Execution Patched CVE-2024-3734 6.5 stealthcopter April 24, 2024
WOOCS – WooCommerce Currency Switcher <= 1.4.1.7 - Cross-Site Request Forgery Patched CVE-2024-30458 4.3 Dhabaleshwar Das March 28, 2024
FOX – Currency Switcher Professional for WooCommerce <= 1.4.1.6 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting Patched CVE-2023-6556 5.4 Lucio Sá December 23, 2023
WOOCS – WooCommerce Currency Switcher <= 1.4.1.4 - Cross-Site Request Forgery via delete_profiles_data Patched CVE-2023-49834 5.4 Brandon James Roldan (tomorrowisnew) December 5, 2023
WOOCS <= 1.3.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode Patched CVE-2022-4431 6.4 István Márton December 20, 2022
WOOCS <= 1.3.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode Patched CVE-2022-4431 6.4 István Márton December 20, 2022
WOOCS <= 1.3.7.4 - Reflected Cross-Site Scripting via AJAX action Patched CVE-2022-0234 6.1 Krzysztof Zając January 19, 2022
WOOCS <= 1.3.7.2 - Reflected Cross-Site Scripting Patched CVE-2021-25043 6.1 Krzysztof Zając December 13, 2021
WooCommerce Currency Switcher <= 1.3.7 - Reflected Cross-Site Scripting Patched CVE-2021-24938 6.1 ZhongFu Su November 8, 2021
WOOCS – Currency Switcher for WooCommerce Professional Free <= 1.3.7 - Authenticated Local File Inclusion Patched CVE-2021-24566 8.8 Marc-Alexandre Montpas July 22, 2021

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation