Lucene search
+L

5 matches found

attackerkb
attackerkb
added 2022/05/02 4:15 p.m.10 views

CVE-2022-1250

The LifterLMS PayPal WordPress plugin before 1.4.0 does not sanitise and escape some parameters from the payment confirmation page before outputting them back in the page, leading to a Reflected Cross-Site Scripting issue...

6.1CVSS6.3AI score0.00918EPSS
Exploits2References3
cvelist
cvelist
added 2022/05/02 4:5 p.m.24 views

CVE-2022-1250 LifterLMS PayPal < 1.4.0 - Reflected Cross-Site Scripting

The LifterLMS PayPal WordPress plugin before 1.4.0 does not sanitise and escape some parameters from the payment confirmation page before outputting them back in the page, leading to a Reflected Cross-Site Scripting issue...

6.2AI score0.00918EPSS
Exploits2References2
cnnvd
cnnvd
added 2022/05/02 12:0 a.m.7 views

WordPress plugin LifterLMS PayPal 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in versions of the WordPress LifterLMS PayPal plugin...

6.1CVSS6.3AI score0.00918EPSS
Exploits2References3
wpexploit
wpexploit
added 2022/04/04 12:0 a.m.121 views

LifterLMS PayPal < 1.4.0 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape some parameters from the payment confirmation page before outputting them back in the page, leading to a Reflected Cross-Site Scripting issue https://example.com/purchase/confirm-payment/?order=order-xxxxxxx&PayerID=aa"...

6.1CVSS1.1AI score0.00918EPSS
Exploits2References1
wpvulndb
wpvulndb
added 2022/04/04 12:0 a.m.26 views

LifterLMS PayPal < 1.4.0 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape some parameters from the payment confirmation page before outputting them back in the page, leading to a Reflected Cross-Site Scripting issue PoC https://example.com/purchase/confirm-payment/?order=order-xxxxxxx=aa"...

6.1CVSS0.6AI score0.00918EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder