3 matches found
CVE-2023-36686
Unauth. Reflected Cross-Site Scripting XSS vulnerability in CartFlows Pro plugin = 1.11.11 versions...
CVE-2023-36686
CartFlows Pro (WordPress) vulnerability CVE-2023-36686 is an unauthenticated, reflected XSS affecting versions = 1.11.12 to remediate the flaw. No exploitation details are provided in the sources; in-the-wild exploit status is not confirmed within the supplied documents.
WordPress CartFlows Pro Plugin <= 1.11.11 is vulnerable to Cross Site Scripting (XSS)
Software CartFlows Pro Type Plugin Vulnerable versions = 1.11.11 Fixed in 1.11.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-36686 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fde18e13d181 Credits Rafie Muhammad...