Lucene search

GoogleOSV:CVE-2024-22153

HistoryJan 31, 2024 - 7:15 p.m.

CVE-2024-22153

2024-01-3119:15:09

Google

osv.dev

cve-2024-22153

cross-site scripting

fahad mahmood

alexandre faustino

stored xss

web page generation

software

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.6%

JSON

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Fahad Mahmood & Alexandre Faustino Stock Locations for WooCommerce allows Stored XSS.This issue affects Stock Locations for WooCommerce: from n/a through 2.5.9.

CPENameOperatorVersion
stock-locations-for-woocommerceeq2.5.1
stock-locations-for-woocommerceeq2.0.6
stock-locations-for-woocommerceeq2.0.7
stock-locations-for-woocommerceeq1.6.9
stock-locations-for-woocommerceeq1.5.8
stock-locations-for-woocommerceeq1.9.2
stock-locations-for-woocommerceeq2.1.3
stock-locations-for-woocommerceeq2.4.8
stock-locations-for-woocommerceeq2.5.4
stock-locations-for-woocommerceeq1.6.2

Name	Operator	Version
stock-locations-for-woocommerce	eq	2.5.1
stock-locations-for-woocommerce	eq	2.0.6
stock-locations-for-woocommerce	eq	2.0.7
stock-locations-for-woocommerce	eq	1.6.9
stock-locations-for-woocommerce	eq	1.5.8
stock-locations-for-woocommerce	eq	1.9.2
stock-locations-for-woocommerce	eq	2.1.3
stock-locations-for-woocommerce	eq	2.4.8
stock-locations-for-woocommerce	eq	2.5.4
stock-locations-for-woocommerce	eq	1.6.2

Rows per page:

1-10 of 1341

References

patchstack.com/database/vulnerability/stock-locations-for-woocommerce/wordpress-stock-locations-for-woocommerce-plugin-2-5-9-cross-site-scripting-xss-vulnerability?_s_id=cve