2 matches found
CVE-2023-4160
CVE-2023-4160 affects the WooCommerce PDF Invoice Builder plugin for WordPress, with Stored Cross-Site Scripting via admin settings in versions up to and including 1.2.90. The vulnerability arises from insufficient input sanitization and output escaping, enabling authenticated attackers with admi...
WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.90 is vulnerable to Cross Site Scripting (XSS)
Software WooCommerce PDF Invoice Builder Type Plugin Vulnerable versions = 1.2.90 Fixed in 1.2.91 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4160 Patch priority Low CVSS severity Low 5.9 Developer Edgar Rojas PSID 27b991f0b0a1 Credits Marco...