Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:57 a.m.6 views

CVE-2023-0948

The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...

6.1CVSS6.6AI score0.0085EPSS
Exploits2References1
OSV
OSV
added 2023/05/08 2:15 p.m.4 views

CVE-2023-0948

The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...

6.1CVSS6.8AI score0.0085EPSS
Exploits2References1
NVD
NVD
added 2023/05/08 2:15 p.m.13 views

CVE-2023-0948

The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...

6.1CVSS6.1AI score0.0085EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/05/08 1:58 p.m.20 views

CVE-2023-0948 Japanized For WooCommerce < 2.5.8 - Reflected XSS

The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...

6.2AI score0.0085EPSS
Exploits2References1
CVE
CVE
added 2023/05/08 1:58 p.m.77 views

CVE-2023-0948

CVE-2023-0948 affects the WordPress plugin “Japanized For WooCommerce” (WooCommerce Japan) versions prior to 2.5.8. The vulnerability is a Reflected Cross-Site Scripting (XSS) due to insufficient escaping of generated URLs output in attributes, enabling an attacker to inject script via the tab pa...

6.1CVSS6.2AI score0.0085EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/08 1:58 p.m.10 views

CVE-2023-0948 Japanized For WooCommerce < 2.5.8 - Reflected XSS

The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...

6AI score0.0085EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/04/25 12:0 a.m.10 views

WordPress Japanized For WooCommerce Plugin <= 2.5.7 is vulnerable to Cross Site Scripting (XSS)

Software Japanized For WooCommerce Type Plugin Vulnerable versions = 2.5.7 Fixed in 2.5.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0948 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 26586df4823d Credits Erwan LR...

6.1CVSS5.9AI score0.0085EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder