8 matches found
CVE-2025-13387
CVE-2025-13387 affects Kadence WooCommerce Email Designer for WordPress. The WordPress plugin is vulnerable to unauthenticated stored cross-site scripting via the customer name in all versions up to 1.5.17 due to insufficient input sanitization and output escaping. Several connected sources confi...
EUVD-2025-200181
The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer name in all versions up to, and including, 1.5.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
EUVD-2025-32559
A stored Cross-site scripting XSS vulnerability exists in the Customer Management Module of LionCoders SalePro POS 5.4.8. An authenticated attacker can inject arbitrary web script or HTML via the 'Customer Name' parameter when creating or editing customer profiles. This malicious input is...
CVE-2025-56382
A stored Cross-site scripting XSS vulnerability exists in the Customer Management Module of LionCoders SalePro POS 5.4.8. An authenticated attacker can inject arbitrary web script or HTML via the 'Customer Name' parameter when creating or editing customer profiles. This malicious input is...
CVE-2025-56382
A stored Cross-site scripting XSS vulnerability exists in the Customer Management Module of LionCoders SalePro POS 5.4.8. An authenticated attacker can inject arbitrary web script or HTML via the 'Customer Name' parameter when creating or editing customer profiles. This malicious input is...
CVE-2025-56382
A stored Cross-site scripting XSS vulnerability exists in the Customer Management Module of LionCoders SalePro POS 5.4.8. An authenticated attacker can inject arbitrary web script or HTML via the 'Customer Name' parameter when creating or editing customer profiles. This malicious input is...
PT-2025-40921
Name of the Vulnerable Software and Affected Versions LionCoders SalePro POS version 5.4.8 Description A stored Cross-site scripting XSS issue exists within the Customer Management Module. An authenticated attacker can inject arbitrary web script or HTML through the Customer Name parameter during...
SourceCodester Pet Grooming Management Software 跨站脚本漏洞
SourceCodester Pet Grooming Management Software is an open source pet grooming management system from SourceCodester. A cross-site scripting vulnerability exists in SourceCodester Pet Grooming Management Software version 1.0, which stems from unverified input in the customer name field of the...