Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
patchstackMehmet IncePATCHSTACK:8861BD801F33E584114B52090CD7F47E
HistoryApr 26, 2012 - 12:00 a.m.

WordPress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities

2012-04-2600:00:00
Mehmet Ince
patchstack.com
4

0.008 Low

EPSS

Percentile

81.2%

JSON

Zingiri Web Shop plugin is prone to multiple cross-site scripting vulnerabilities. After the malicious code posted up, Javascrip code inserted to database with “$_POST[‘notes’]” variable. When administrator wants to see list of ordered items list, Javascript codes will come from database and start working on authenticated admin user side.

Solution

           Update the plugin.
CPENameOperatorVersion
zingiri web shople2.4.0

Related

wpvulndb 2
cvelist 1
cve 1
openvas 1
nvd 1
prion 1
wpvulndb
wpvulndb
Zingiri Web Shop <= 2.4.0 - zing.inc.php page Parameter XSS
2014-08-01 10:58:44
Zingiri Web Shop <= 2.4.0 - onecheckout.php notes Parameter XSS
2014-08-01 10:58:44
cvelist
cvelist
CVE-2012-6506
2013-01-24 01:00:00
cve
cve
CVE-2012-6506
2013-01-24 01:55:04
openvas
openvas
WordPress Zingiri Web Shop Plugin Multiple Cross Site Scripting Vulnerabilities
2012-04-27 00:00:00
nvd
nvd
CVE-2012-6506
2013-01-24 01:55:04
prion
prion
Cross site scripting
2013-01-24 01:55:00

0.008 Low

EPSS

Percentile

81.2%

JSON
Related for PATCHSTACK:8861BD801F33E584114B52090CD7F47E
wpvulndb2cvelist1cve1openvas1nvd1prion1