Lucene search
+L

CVE-2023-0894

🗓️ 08 May 2023 13:58:01Reported by WPScanType 
cve
 cve
🔗 web.nvd.nist.gov👁 57 Views🌐 WEB

The Pickup | Delivery | Dine-in date time WordPress plugin through 1.0.9 allows Stored Cross-Site Scripting attack

Related
Detection
Affected
Refs
Paths
NVD
Vulners
[
  {
    "vendor": "Unknown",
    "product": "Pickup | Delivery | Dine-in date time",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThanOrEqual": "1.0.9"
      }
    ],
    "defaultStatus": "affected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]
ParameterPositionPathDescriptionCWE
byconsolewooodtrestro_takeaway_lablerequest bodywp-admin/admin.php?page=byconsolewooodtrestro_general_settingsStored XSS via unsanitised plugin settings in admin formCWE-79
byconsolewooodtrestro_delivery_lablerequest bodywp-admin/admin.php?page=byconsolewooodtrestro_general_settingsStored XSS via unsanitised plugin settings in admin formCWE-79
byconsolewooodtrestro_dinein_lablerequest bodywp-admin/admin.php?page=byconsolewooodtrestro_general_settingsStored XSS via unsanitised plugin settings in admin formCWE-79
byconsolewooodtrestro_date_field_textrequest bodywp-admin/admin.php?page=byconsolewooodtrestro_general_settingsStored XSS via unsanitised plugin settings in admin formCWE-79
byconsolewooodtrestro_time_field_textrequest bodywp-admin/admin.php?page=byconsolewooodtrestro_general_settingsStored XSS via unsanitised plugin settings in admin formCWE-79
byconsolewooodtrestro_orders_deliveredrequest bodywp-admin/admin.php?page=byconsolewooodtrestro_general_settingsStored XSS via unsanitised plugin settings in admin formCWE-79
byconsolewooodtrestro_orders_pick_uprequest bodywp-admin/admin.php?page=byconsolewooodtrestro_general_settingsStored XSS via unsanitised plugin settings in admin formCWE-79
byconsolewooodtrestro_orders_dineinrequest bodywp-admin/admin.php?page=byconsolewooodtrestro_general_settingsStored XSS via unsanitised plugin settings in admin formCWE-79
byconsolewooodtrestro_chekout_page_section_headingrequest bodywp-admin/admin.php?page=byconsolewooodtrestro_general_settingsStored XSS via unsanitised plugin settings in admin formCWE-79
byconsolewooodtrestro_chekout_page_order_type_labelrequest bodywp-admin/admin.php?page=byconsolewooodtrestro_general_settingsStored XSS via unsanitised plugin settings in admin formCWE-79
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 05:26Current
4.9Medium risk
Vulners AI Score4.9
CVSS 3.14.8
EPSS0.00442
SSVC
57