CVE-2025-1303 Plugin Oficial – Getnet para WooCommerce <= 1.7.3 - Unauthenticated Reflected XSS

The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...

WordPress plugin Plugin Oficial 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin Plugin Oficial 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2025-21562 · WordPress · Plugin Oficial Wordpress

Name of the Vulnerable Software and Affected Versions: Plugin Oficial WordPress plugin through 1.7.3 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because some settings are not properly sanitised and escaped, a...

CVE-2025-30906

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lisandragetnet Plugin Oficial – Getnet para WooCommerce wc-checkout-getnet allows Reflected XSS.This issue affects Plugin Oficial – Getnet para WooCommerce: from n/a through = 1.7.3...