5 matches found
CVE-2023-5140
The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-5140
The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-5140
The CVE-2023-5140 entry corresponds to the Bonus for Woo WordPress plugin (pre-5.8.3) and is a Reflected Cross-Site Scripting (XSS) vulnerability caused by insufficient sanitisation/escaping of parameters output in pages. Exploitation could target high-privilege users (e.g., admins). Public detai...
CVE-2023-5140 Bonus for Woo < 5.8.3 - Reflected Cross-Site Scripting
The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress Bonus for Woo Plugin <= 5.8.2 is vulnerable to Cross Site Scripting (XSS)
Software Bonus for Woo Type Plugin Vulnerable versions = 5.8.2 Fixed in 5.8.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5140 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bebc071bb4a6 Credits Enrico Marcolini...