4 matches found
CVE-2023-3671 MultiParcels Shipping For WooCommerce < 1.15.4 - Reflected XSS
The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape various parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-3671
CVE-2023-3671 affects the WordPress plugin MultiParcels Shipping For WooCommerce and is caused by insufficient sanitisation/escaping of parameters, leading to a reflected XSS. Vulnerable version range: before 1.15.4 (i.e., prior to plugin version 1.15.4). Impact stated: XSS could be exploited aga...
CVE-2023-3671 MultiParcels Shipping For WooCommerce < 1.15.4 - Reflected XSS
The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape various parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress MultiParcels Shipping For WooCommerce Plugin < 1.15.4 is vulnerable to Cross Site Scripting (XSS)
Software MultiParcels Shipping For WooCommerce Type Plugin Vulnerable versions 1.15.4 Fixed in 1.15.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3671 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8dd42e4b310c...