5 matches found
WordPress Watu Quiz 3.3.9 / GN Publisher 1.5.5 / Japanized For WooComerce 2.5.4 XSS Vulnerability
WordPress plugins Watu Quiz versions 3.3.9 and below, GN Publisher versions 1.5.5 and below, and Japanized For WooCommerce versions 2.5.4 and below suffer from cross site scripting vulnerabilities. Description: Reflected Cross-Site Scripting Affected Plugin: Watu Quiz Plugin Slug: watu Affected...
WordPress Watu Quiz 3.3.9 / GN Publisher 1.5.5 / Japanized For WooComerce 2.5.4 XSS
Description: Reflected Cross-Site Scripting Affected Plugin: Watu Quiz Plugin Slug: watu Affected Versions: = 3.3.9 CVE ID: CVE-2023-0968 CVSS Score: 6.1 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Researcher/s: Marco Wotschka Fully Patched Version: 3.3.9.1 Description:...
WordPress Japanized For WooCommerce Plugin <= 2.5.4 is vulnerable to Cross Site Scripting (XSS)
Software Japanized For WooCommerce Type Plugin Vulnerable versions = 2.5.4 Fixed in 2.5.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0942 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8b189e4d7501 Credits Marco Wotsch...
CVE-2023-0942
creationtimestamp| type| source ---|---|--- 2023-02-21 22:16:51+00:00| seen| https://t.me/cibsecurity/58638...
CVE-2023-0942 Japanized For WooCommerce <= 2.5.4 - Reflected Cross-Site Scripting
The Japanized For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...