4 matches found
CVE-2023-0537 Product Slider For WooCommerce Lite <= 1.1.7 - Contributor+ Stored XSS
The Product Slider For WooCommerce Lite WordPress plugin through 1.1.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...
CVE-2023-0537 Product Slider For WooCommerce Lite <= 1.1.7 - Contributor+ Stored XSS
The Product Slider For WooCommerce Lite WordPress plugin through 1.1.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...
CVE-2023-0537
CVE-2023-0537 affects the WordPress plugin Product Slider For WooCommerce Lite (versions ≤ 1.1.7). The issue is stored cross-site scripting due to inadequate validation/escaping of shortcode attributes prior to output when the shortcode is embedded on a page, enabling attackers with contributor+ ...
WordPress Product Slider For WooCommerce Lite Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)
Software Product Slider For WooCommerce Lite Type Plugin Vulnerable versions = 1.1.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0537 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 5eb92cf8631c Credits...