3 matches found
CVE-2022-2090
The Discount Rules for WooCommerce WordPress plugin before 2.4.2 does not escape a parameter before outputting it back in an attribute of the plugin's discount rule page, leading to Reflected Cross-Site Scripting...
CVE-2022-2090
The Discount Rules for WooCommerce WordPress plugin before 2.4.2 does not escape a parameter before outputting it back in an attribute of the plugin's discount rule page, leading to Reflected Cross-Site Scripting...
CVE-2022-2090
The CVE-2022-2090 entry describes a vulnerability in the WordPress plugin Discount Rules for WooCommerce (older than 2.4.2). The issue is that the plugin does not escape a parameter before outputting it in an attribute on the plugin’s discount rule page, enabling Reflected Cross-Site Scripting (X...