2 matches found
WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting
WordPress SagePay Server Gateway for WooCommerce before 1.0.9 is vulnerable to cross-site scripting via the includes/pages/redirect.php page parameter. id: CVE-2018-5316 info: name: WordPress SagePay Server Gateway for WooCommerce 1.0.9 - Cross-Site Scripting author: daffainfo severity: medium...
CVE-2018-5316
CVE-2018-5316 affects the WordPress plugin “SagePay Server Gateway for WooCommerce” released for WooCommerce. The vulnerability is an unauthenticated cross-site scripting (XSS) in versions before 1.0.9, exploitable via the includes/pages/redirect.php page parameter. The underlying impact, as repo...