Cross site scripting

2019-12-2719:15:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.0%

JSON

Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swipe Checkout for WooCommerce plugin 2.7.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the api_url parameter.

CPENameOperatorVersion
swipehq-payment-gateway-woocommercele2.7.1

CPE	Name	Operator	Version
	swipehq-payment-gateway-woocommerce	le	2.7.1

References

codevigilant.com/disclosure/wp-plugin-swipehq-payment-gateway-woocommerce-a3-cross-site-scripting-xss