3 matches found
CVE-2022-0399
creationtimestamp| type| source ---|---|--- 2022-03-14 17:18:24+00:00| seen| https://t.me/cibsecurity/38870...
CVE-2022-0399 Advanced Product Labels for WooCommerce < 1.2.3.7 - Reflected Cross-Site Scripting
The Advanced Product Labels for WooCommerce WordPress plugin before 1.2.3.7 does not sanitise and escape the taxcolorsettype parameter before outputting it back in the berocketaplcolorlistener AJAX action's response, leading to a Reflected Cross-Site Scripting...
CVE-2022-0399
The CVE-2022-0399 entry concerns the WordPress plugin Advanced Product Labels for WooCommerce (versions before 1.2.3.7). The issue is a Reflected Cross‑Site Scripting (XSS) caused by insufficient sanitization/escaping of the tax_color_set_type parameter in the berocket_apl_color_listener AJAX res...