Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2023/08/07 2:31 p.m.9 views

CVE-2023-3671 MultiParcels Shipping For WooCommerce < 1.15.4 - Reflected XSS

The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape various parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6AI score0.00396EPSS
Exploits2References1
CVE
CVE
added 2023/08/07 2:31 p.m.66 views

CVE-2023-3671

CVE-2023-3671 affects the WordPress plugin MultiParcels Shipping For WooCommerce and is caused by insufficient sanitisation/escaping of parameters, leading to a reflected XSS. Vulnerable version range: before 1.15.4 (i.e., prior to plugin version 1.15.4). Impact stated: XSS could be exploited aga...

6.1CVSS6.1AI score0.00396EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/08/07 2:31 p.m.25 views

CVE-2023-3671 MultiParcels Shipping For WooCommerce < 1.15.4 - Reflected XSS

The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape various parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.2AI score0.00396EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.15 views

WordPress MultiParcels Shipping For WooCommerce Plugin < 1.15.4 is vulnerable to Cross Site Scripting (XSS)

Software MultiParcels Shipping For WooCommerce Type Plugin Vulnerable versions 1.15.4 Fixed in 1.15.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3671 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8dd42e4b310c...

6.1CVSS5.9AI score0.00396EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder