4 matches found
WordPress WP Express Checkout (Accept PayPal Payments) Plugin <= 2.2.8 is vulnerable to Cross Site Scripting (XSS)
Software WP Express Checkout Accept PayPal Payments Type Plugin Vulnerable versions = 2.2.8 Fixed in 2.2.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1469 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c8954f0fe6fa Credi...
CVE-2023-1469
creationtimestamp| type| source ---|---|--- 2023-03-17 15:45:47+00:00| seen| https://t.me/cibsecurity/60249...
CVE-2023-1469
The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘peccouponcode’ parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrator-lev...
CVE-2023-1469
CVE-2023-1469 affects the WordPress WP Express Checkout plugin. Vulnerability: stored cross-site scripting via pec_coupon[code] in versions up to 2.2.8 caused by insufficient input sanitization and output escaping. Impact: authenticated attackers with administrator-level access can inject web scr...