3 matches found
CVE-2023-2256
The CVE-2023-2256 entry covers the WordPress plugin Product Addons & Fields for WooCommerce (PPOM) prior to version 32.0.7. The connected documents confirm a Reflected Cross-Site Scripting vulnerability caused by insufficient sanitization/escaping of URL parameters in the admin panel, enabling ar...
CVE-2023-2256 Product Addons & Fields for WooCommerce < 32.0.7 - Reflected Cross-Site Scripting
The Product Addons & Fields for WooCommerce WordPress plugin before 32.0.7 does not sanitize and escape some URL parameters, leading to Reflected Cross-Site Scripting...
WordPress PPOM for WooCommerce Plugin < 32.0.7 is vulnerable to Cross Site Scripting (XSS)
Software PPOM for WooCommerce Type Plugin Vulnerable versions 32.0.7 Fixed in 32.0.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2256 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID f58b7e5c3a3c Credits Alex Sanford...