Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:46 a.m.9 views

CVE-2022-4661

The Widgets for WooCommerce Products on Elementor WordPress plugin before 1.0.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...

5.4CVSS5.9AI score0.00471EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/03/14 12:0 a.m.15 views

WordPress Woo Products Widgets For Elementor Plugin < 1.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Woo Products Widgets For Elementor Type Plugin Vulnerable versions 1.0.8 Fixed in 1.0.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4661 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 1f3087ed1109 Credits...

5.4CVSS5.6AI score0.00471EPSS
Exploits2References4Affected Software1
Cvelist
Cvelist
added 2023/03/13 4:3 p.m.33 views

CVE-2022-4661 Woo Products Widgets For Elementor < 1.0.8 - Contributor+ Stored XSS via Shortcode

The Widgets for WooCommerce Products on Elementor WordPress plugin before 1.0.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...

5.6AI score0.00471EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/03/13 4:3 p.m.7 views

CVE-2022-4661 Woo Products Widgets For Elementor < 1.0.8 - Contributor+ Stored XSS via Shortcode

The Widgets for WooCommerce Products on Elementor WordPress plugin before 1.0.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...

5.4AI score0.00471EPSS
Exploits2References1
CVE
CVE
added 2023/03/13 4:3 p.m.61 views

CVE-2022-4661

CVE-2022-4661 affects the WordPress plugin Widgets for WooCommerce Products on Elementor (versions before 1.0.8). The issue is lack of validation/escaping of certain shortcode attributes, enabling Stored XSS via shortcodes when the attacker has contributor privileges or higher. The vulnerability ...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder