5 matches found
CVE-2025-58799 WordPress Custom WooCommerce Checkout Fields Editor Plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in themelocation Custom WooCommerce Checkout Fields Editor add-fields-to-checkout-page-woocommerce allows Cross Site Request Forgery.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through = 1.3.4...
CVE-2022-46864
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop plugin = 0.1 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop plugin = 0.1 versions...
CVE-2022-46864
CVE-2022-46864 affects the WordPress plugin “Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop” (versions
Woocommerce Custom Checkout Fields Editor With Drag & Drop <= 0.1 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape the "tab" parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...