Lucene search
K

5 matches found

0day.today
0day.today
added 2023/03/23 12:0 a.m.330 views

WordPress Watu Quiz 3.3.9 / GN Publisher 1.5.5 / Japanized For WooComerce 2.5.4 XSS Vulnerability

WordPress plugins Watu Quiz versions 3.3.9 and below, GN Publisher versions 1.5.5 and below, and Japanized For WooCommerce versions 2.5.4 and below suffer from cross site scripting vulnerabilities. Description: Reflected Cross-Site Scripting Affected Plugin: Watu Quiz Plugin Slug: watu Affected...

6.1CVSS6.3AI score0.0126EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/03/23 12:0 a.m.372 views

WordPress Watu Quiz 3.3.9 / GN Publisher 1.5.5 / Japanized For WooComerce 2.5.4 XSS

Description: Reflected Cross-Site Scripting Affected Plugin: Watu Quiz Plugin Slug: watu Affected Versions: = 3.3.9 CVE ID: CVE-2023-0968 CVSS Score: 6.1 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Researcher/s: Marco Wotschka Fully Patched Version: 3.3.9.1 Description:...

6.1CVSS6.7AI score0.0126EPSS
Exploits5
Patchstack
Patchstack
added 2023/02/22 12:0 a.m.18 views

WordPress Japanized For WooCommerce Plugin <= 2.5.4 is vulnerable to Cross Site Scripting (XSS)

Software Japanized For WooCommerce Type Plugin Vulnerable versions = 2.5.4 Fixed in 2.5.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0942 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8b189e4d7501 Credits Marco Wotsch...

6.1CVSS5.9AI score0.01213EPSS
Exploits3References3Affected Software1
Circl
Circl
added 2023/02/21 10:16 p.m.6 views

CVE-2023-0942

creationtimestamp| type| source ---|---|--- 2023-02-21 22:16:51+00:00| seen| https://t.me/cibsecurity/58638...

6.1CVSS6.8AI score0.01213EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2023/02/21 7:29 p.m.16 views

CVE-2023-0942 Japanized For WooCommerce <= 2.5.4 - Reflected Cross-Site Scripting

The Japanized For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

6.1CVSS6.9AI score0.01213EPSS
Exploits3References4
Rows per page
Query Builder