5 matches found
CVE-2023-0479
The Print Invoice & Delivery Notes for WooCommerce WordPress plugin before 4.7.2 is vulnerable to reflected XSS by echoing a GET value in an admin note within the WooCommerce orders page. This means that this vulnerability can be exploited for users with the editothersshoporders capability...
CVE-2023-0479
creationtimestamp| type| source ---|---|--- 2024-01-22 23:16:40+00:00| seen| https://t.me/ctinow/171518...
CVE-2023-0479
The Print Invoice & Delivery Notes for WooCommerce WordPress plugin before 4.7.2 is vulnerable to reflected XSS by echoing a GET value in an admin note within the WooCommerce orders page. This means that this vulnerability can be exploited for users with the editothersshoporders capability...
CVE-2023-0479 Print Invoice & Delivery Notes for WooCommerce < 4.7.2 - Reflected XSS
The Print Invoice & Delivery Notes for WooCommerce WordPress plugin before 4.7.2 is vulnerable to reflected XSS by echoing a GET value in an admin note within the WooCommerce orders page. This means that this vulnerability can be exploited for users with the editothersshoporders capability...
CVE-2023-0479
The CVE-2023-0479 entry affects the WordPress plugin Print Invoice & Delivery Notes for WooCommerce, prior to version 4.7.2. The issue is a reflected XSS vulnerability in an admin note on the WooCommerce orders page, caused by echoing a GET value after a urldecode() cleanup (post-esc_url_raw()), ...