4 matches found
EUVD-2023-12162
Malicious code in bioql PyPI...
CVE-2023-0061
The Judge.me Product Reviews for WooCommerce WordPress plugin before 1.3.21 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Si...
CVE-2023-0061 Judge.me Product Reviews for WooCommerce < 1.3.21 - Contributor+ Stored XSS
The Judge.me Product Reviews for WooCommerce WordPress plugin before 1.3.21 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Si...
PT-2023-15978 · WordPress · Judge.Me Product Reviews
Name of the Vulnerable Software and Affected Versions: Judge.me Product Reviews for WooCommerce WordPress plugin versions prior to 1.3.21 Description: The issue concerns the lack of validation and escaping of certain shortcode attributes, which could allow users with the contributor role and abov...