Lucene search
PRIOn knowledge basePRION:CVE-2023-5140HistoryNov 20, 2023 - 7:15 p.m.
Cross site scripting
2023-11-2019:15:00
PRIOn knowledge base
www.prio-n.com
4
wordpress
plugin
xss
vulnerability
bonus for woo
version 5.8.3
reflected cross-site scripting
high privilege users
The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bonus_for_woo | lt | 5.8.3 |
Related
wpexploit
wpexploit
Bonus for Woo < 5.8.3 - Reflected Cross-Site Scripting
2023-10-27 00:00:00
cvelist
cvelist
CVE-2023-5140 Bonus for Woo < 5.8.3 - Reflected Cross-Site Scripting
2023-11-20 18:55:02
nvd
nvd
CVE-2023-5140
2023-11-20 19:15:09
cve
cve
CVE-2023-5140
2023-11-20 19:15:09
wpvulndb
wpvulndb
Bonus for Woo < 5.8.3 - Reflected Cross-Site Scripting
2023-10-27 00:00:00
wordfence
wordfence