Lucene search
WPScanCVELIST:CVE-2021-25062HistoryJan 24, 2022 - 8:01 a.m.
CVE-2021-25062 Orders Tracking for WooCommerce < 1.1.10 - Reflected Cross-Site Scripting
2022-01-2408:01:20
CWE-79
WPScan
www.cve.org
3
orders tracking
woocommerce
wordpress
plugin
sanitise
escape
file_url
admin page
reflected cross-site scripting
EPSS
0.001
Percentile
31.7%
The Orders Tracking for WooCommerce WordPress plugin before 1.1.10 does not sanitise and escape the file_url before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting
CNA Affected
[
{
"product": "Orders Tracking for WooCommerce",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.1.10",
"status": "affected",
"version": "1.1.10",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
WordPress WooCommerce plugin cross-site scripting vulnerability
2022-01-26 00:00:00
wpvulndb
wpvulndb
Orders Tracking for WooCommerce < 1.1.10 - Reflected Cross-Site Scripting
2021-12-27 00:00:00
prion
prion
Cross site scripting
2022-01-24 08:15:00
patchstack
patchstack
wpexploit
wpexploit
Orders Tracking for WooCommerce < 1.1.10 - Reflected Cross-Site Scripting
2021-12-27 00:00:00
nvd
nvd
CVE-2021-25062
2022-01-24 08:15:09
cve
cve
CVE-2021-25062
2022-01-24 08:15:09