2 matches found
CVE-2023-33319
CVE-2023-33319: Unauth. Reflected Cross-Site Scripting in the WooCommerce Follow-Up Emails (AutomateWoo) plugin, affecting versions up to and including 4.9.40. The vulnerability is an unauthenticated XSS that can be triggered via user-controlled input reflected in the response. Patchstack lists a...
WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Cross Site Scripting (XSS)
Software WooCommerce Follow-Up Emails Type Plugin Vulnerable versions = 4.9.40 Fixed in 4.9.50 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-33319 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID da1adfccae00 Credits...