Lucene search
PRIOn knowledge basePRION:CVE-2021-39308HistoryDec 14, 2021 - 4:15 p.m.
Cross site scripting
2021-12-1416:15:00
PRIOn knowledge base
www.prio-n.com
7
0.001 Low
EPSS
Percentile
26.2%
The WooCommerce myghpay Payment Gateway WordPess plugin is vulnerable to Reflected Cross-Site Scripting via the clientref parameter found in the ~/processresponse.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.0.
| CPE | Name | Operator | Version |
|---|---|---|---|
| woo-myghpay-payment-gateway | le | 3.0 |
Related
cvelist
cvelist
wpvulndb
wpvulndb
WooCommerce myghpay Payment Gateway <= 3.0 - Reflected Cross-Site Scripting
2021-12-14 00:00:00
cve
cve
CVE-2021-39308
2021-12-14 16:15:08
patchstack
patchstack
nvd
nvd
CVE-2021-39308
2021-12-14 16:15:08
cnvd
cnvd