Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-6556
HistoryJan 11, 2024 - 9:15 a.m.

Cross site scripting

2024-01-1109:15:00
PRIOn knowledge base
www.prio-n.com
5
cross site scripting
stored cross-site scripting
wordpress plugin
vulnerability
input sanitization

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.2%

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via currency options in all versions up to, and including, 1.4.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.2%

Related for PRION:CVE-2023-6556