7 matches found
Abandoned Cart Lite for WooCommerce < 5.2.0 - Cross-Site Scripting
The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 5.1.3 and 7.12.0 respectively, due to insufficient input sanitization and output escaping. i...
CVE-2019-25152
The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 5.1.3 and 7.12.0 respectively, due to insufficient input sanitization and output escaping...
CVE-2019-25152 Abandoned Cart Lite for WooCommerce < 5.2.0 and Abandoned Cart Pro for WooCommerce < 7.13.0 - Stored Cross-Site Scripting
The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 5.1.3 and 7.12.0 respectively, due to insufficient input sanitization and output escaping...
CVE-2019-25152
The CVE-2019-25152 issue affects Abandoned Cart Lite for WooCommerce (≤5.1.3) and Abandoned Cart Pro for WooCommerce (≤7.12.0). The root cause is improper input sanitization and output escaping, enabling stored XSS via multiple parameters and potentially allowing unauthenticated script execution ...
CVE-2019-25152 Abandoned Cart Lite for WooCommerce < 5.2.0 and Abandoned Cart Pro for WooCommerce < 7.13.0 - Stored Cross-Site Scripting
The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 5.1.3 and 7.12.0 respectively, due to insufficient input sanitization and output escaping...
WordPress Abandoned Cart Pro Plugin <= 7.12.0 is vulnerable to Cross Site Scripting (XSS)
Software Abandoned Cart Pro Type Plugin Vulnerable versions = 7.12.0 Fixed in 7.13.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2019-25152 Patch priority High CVSS severity High 7.2 Developer Claim ownership PSID e46f5b307c8a Credits WordFence Requir...
VulnCheck KEV: CVE-2019-25152
The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 5.1.3 and 7.12.0 respectively, due to insufficient input sanitization and output escaping...