5 matches found
CVE-2022-1916
The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store WordPress plugin before 1.0.5 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action available to both unauthenticated and authenticated users, leading to a...
CVE-2022-1916
creationtimestamp| type| source ---|---|--- 2025-02-05 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-02-05...
CVE-2022-1916
The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store WordPress plugin before 1.0.5 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action available to both unauthenticated and authenticated users, leading to a...
CVE-2022-1916 Active Products Tables for WooCommerce < 1.0.5 - Reflected Cross-Site-Scripting
The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store WordPress plugin before 1.0.5 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action available to both unauthenticated and authenticated users, leading to a...
CVE-2022-1916
CVE-2022-1916 concerns the WordPress plugin “Active Products Tables for WooCommerce” (prior to v1.0.5). The vulnerability is a reflected cross-site scripting (XSS) flaw caused by the plugin not sanitizing/escaping a parameter before echoing it in the response of an AJAX action. This action is acc...