3 matches found
WordPress Simple Shopping Cart Plugin <= 4.7.1 is vulnerable to Cross Site Scripting (XSS)
Software Simple Shopping Cart Type Plugin Vulnerable versions = 4.7.1 Fixed in 4.7.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6497 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b281d4b588f2 Credits Webbernaut Required...
CVE-2023-6497 WordPress Simple Shopping Cart <= 4.7.1 - Authenticated(Administrator+) Stored Cross-Site Scripting
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the automatic redirect URL setting in all versions up to and including 4.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
CVE-2023-6497
The CVE-2023-6497 entry applies to WordPress Simple Shopping Cart plugin for WordPress. It describes a Stored Cross-Site Scripting (XSS) vulnerability via the automatic redirect URL setting in all versions up to 4.7.1, due to insufficient input sanitization and output escaping. The attack require...