2 matches found
CVE-2023-32801
CVE-2023-32801 : Unauthenticated, reflected Cross-Site Scripting in the WordPress plugin WooCommerce Composite Products up to version 8.7.5 . Root cause: input not properly escaped in the plugin’s output leads to script execution in a victim’s browser. Impact semantics in sources describe XSS wit...
WordPress WooCommerce Composite Products Plugin <= 8.7.5 is vulnerable to Cross Site Scripting (XSS)
Software WooCommerce Composite Products Type Plugin Vulnerable versions = 8.7.5 Fixed in 8.7.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32801 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9a496bb5bf9a Credits...