2 matches found
CVE-2022-1673
The WooCommerce Green Wallet Gateway WordPress plugin before 1.0.2 does not escape the errorenvision query parameter before outputting it to the page, leading to a Reflected Cross-Site Scripting vulnerability...
WooCommerce Green Wallet Gateway < 1.0.2 - Reflected Cross Site Scripting in checkout page
The plugin does not escape the errorenvision query parameter before outputting it to the page, leading to a Reflected Cross-Site Scripting vulnerability. PoC 1. Enable greenwallet-gateway as a woocommerce payment gateway 2. add something in your cart and visit the checkout page 3. visit...