Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:49 a.m.8 views

CVE-2023-2452

The Advanced Woo Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.77 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...

4.4CVSS5.8AI score0.00536EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/09 5:33 a.m.10 views

CVE-2023-2452 Advanced Woo Search <= 2.77 - Authenticated (Admin+) Stored Cross-Site Scripting

The Advanced Woo Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.77 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...

4.4CVSS6.7AI score0.00536EPSS
Exploits0References3
CVE
CVE
added 2023/06/09 5:33 a.m.51 views

CVE-2023-2452

CVE-2023-2452 affects the WordPress plugin Advanced Woo Search (versions ≤ 2.77). It is a stored XSS in admin settings exploitable by authenticated admins (Administrator+), with impact on multi-site installs and where unfiltered_html is disabled. The issue is due to insufficient input sanitizatio...

4.4CVSS4.3AI score0.00536EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/05/02 12:0 a.m.11 views

WordPress Advanced Woo Search Plugin <= 2.77 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Woo Search Type Plugin Vulnerable versions = 2.77 Fixed in 2.78 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2452 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 2bde54a18d9f Credits Ivan Kuzymchak Require...

4.4CVSS6AI score0.00536EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder