CVE-2021-42363

The Preview E-Mails for WooCommerce WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the searchorder parameter found in the /views/form.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.6.8...

WordPress 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in the...

Preview E-mails for WooCommerce < 2.0.0 - Reflected Cross-Site Scripting

The plugin is vulnerable to reflected XSS via the searchorder parameter found in the /views/form.php file. PoC...

CVE-2020-15363

The Nexos theme through 1.7 for WordPress allows side-map/?searchorder= SQL Injection...

CVE-2018-16357

An issue was discovered in PbootCMS. There is a SQL injection via the api.php/Cms/search order parameter...

CVE-2018-16357

An issue was discovered in PbootCMS. There is a SQL injection via the api.php/Cms/search order parameter...