4 matches found
CVE-2023-5230
The TM WooCommerce Compare & Wishlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'tmwoowishlisttable' shortcode in versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-5230 TM WooCommerce Compare & Wishlist <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The TM WooCommerce Compare & Wishlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'tmwoowishlisttable' shortcode in versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-5230
CVE-2023-5230 concerns the TM WooCommerce Compare & Wishlist WordPress plugin. The vulnerability: Stored Cross-Site Scripting via the shortcode tm_woo_wishlist_table, arising from insufficient input sanitization and output escaping of user-supplied attributes. Affected versions are up to and incl...
WordPress TM WooCommerce Compare & Wishlist Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)
Software TM WooCommerce Compare & Wishlist Type Plugin Vulnerable versions = 1.1.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5230 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 76b4f5683bff Credits Lana Cod...