7 matches found
CVE-2023-0948
The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...
CVE-2023-0948
The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...
CVE-2023-0948
The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...
CVE-2023-0948 Japanized For WooCommerce < 2.5.8 - Reflected XSS
The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...
CVE-2023-0948
CVE-2023-0948 affects the WordPress plugin “Japanized For WooCommerce” (WooCommerce Japan) versions prior to 2.5.8. The vulnerability is a Reflected Cross-Site Scripting (XSS) due to insufficient escaping of generated URLs output in attributes, enabling an attacker to inject script via the tab pa...
CVE-2023-0948 Japanized For WooCommerce < 2.5.8 - Reflected XSS
The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...
WordPress Japanized For WooCommerce Plugin <= 2.5.7 is vulnerable to Cross Site Scripting (XSS)
Software Japanized For WooCommerce Type Plugin Vulnerable versions = 2.5.7 Fixed in 2.5.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0948 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 26586df4823d Credits Erwan LR...