CVE-2023-34184

2023-08-3014:15:09

CWE-79

Patchstack

web.nvd.nist.gov

cve-2023-34184

unauthenticated

reflected cross-site scripting

xss

bhavik patel

woocommerce

order address print

nvd

CVSS3

7.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

EPSS

0.001

Percentile

20.5%

JSON

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Bhavik Patel Woocommerce Order address Print plugin <= 3.2 versions.

Affected configurations

Nvd

Vulners

Node

bhavikpatelwoocommerce-order-address-printRange≤3.2wordpress

VendorProductVersionCPE
bhavikpatelwoocommerce-order-address-print*cpe:2.3:a:bhavikpatel:woocommerce-order-address-print:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
bhavikpatel	woocommerce-order-address-print	*	cpe:2.3:a:bhavikpatel:woocommerce-order-address-print::::::wordpress::*

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "woocommerce-order-address-print",
    "product": "Woocommerce Order address Print",
    "vendor": "Bhavik Patel",
    "versions": [
      {
        "lessThanOrEqual": "3.2",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/woocommerce-order-address-print/wordpress-woocommerce-order-address-print-plugin-3-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve