Lucene search
China National Vulnerability DatabaseCNVD-2023-06873HistoryFeb 14, 2022 - 12:00 a.m.
WordPress Store Toolkit for WooCommerce plugin cross-site scripting vulnerability
2022-02-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
30.2%
WooCommerce is the world’s most popular open source, free and flexible e-commerce plugin for WordPress, and one of the most mature open source e-commerce solutions for building foreign trade malls. cross-site scripting vulnerability exists in versions prior to WordPress Store Toolkit for WooCommerce plugin 2.3.2, which The vulnerability stems from the failure of the plugin’s Store Toolkit to clean up and escape tab parameters before outputting them back to the admin page in the form of an error message. An attacker could exploit this vulnerability to cause reflected cross-site scripting.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress store toolkit for woocommerce | lt | 2.3.2 |
Related
patchstack
patchstack
prion
prion
Cross site scripting
2022-02-07 16:15:00
nvd
nvd
CVE-2021-25077
2022-02-07 16:15:44
cve
cve
CVE-2021-25077
2022-02-07 16:15:44
wpexploit
wpexploit
Store Toolkit for WooCommerce < 2.3.2 - Reflected Cross-Site Scripting
2022-01-10 00:00:00
wpvulndb
wpvulndb
Store Toolkit for WooCommerce < 2.3.2 - Reflected Cross-Site Scripting
2022-01-10 00:00:00
cvelist
cvelist