5 matches found
CVE-2023-28422
Auth. admin+ Stored Cross-site Scripting XSS vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce = 3.8.6. versions...
CVE-2023-28422 WordPress Event Manager for WooCommerce Plugin <= 3.8.6 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-site Scripting XSS vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce = 3.8.6. versions...
CVE-2023-28422
CVE-2023-28422 affects MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce (WordPress). Describes an authenticated (admin+) stored XSS in versions up to 3.8.6. CVSS/metrics vary: NVD lists a medium impact (C, I) with no availability impact; PatchStack notes a fix in 3.8.7 and...
CVE-2023-28422 WordPress Event Manager for WooCommerce Plugin <= 3.8.6 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-site Scripting XSS vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce = 3.8.6. versions...
WordPress Event Manager for WooCommerce Plugin <= 3.8.6 is vulnerable to Cross Site Scripting (XSS)
Software Event Manager for WooCommerce Type Plugin Vulnerable versions = 3.8.6 Fixed in 3.8.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28422 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9bb25e1299a0 Credits Yuki Haru...