3 matches found
CVE-2023-4315
The Woo Custom Emails for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wcemailsedit' parameter in versions up to, and including, 2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...
CVE-2023-4315 Woo Custom Emails <= 2.2 - Reflected Cross-Site Scripting via wcemails_edit
The Woo Custom Emails for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wcemailsedit' parameter in versions up to, and including, 2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...
CVE-2023-4315
CVE-2023-4315 affects the WordPress plugin “Woo Custom Emails”. The vulnerability is a reflected XSS in the wcemails_edit parameter for versions up to and including 2.2, caused by insufficient input sanitization and output escaping. Exploitation requires user interaction (tricking the user into c...