3 matches found
CVE-2023-7151 Product Enquiry for WooCommerce < 3.2 - Reflected XSS
The Product Enquiry for WooCommerce WordPress plugin before 3.2 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-7151 Product Enquiry for WooCommerce < 3.2 - Reflected XSS
The Product Enquiry for WooCommerce WordPress plugin before 3.2 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-7151
CVE-2023-7151 affects the WordPress plugin “Product Enquiry for WooCommerce” prior to version 3.2. The issue is that the plugin does not sanitize and escape the page parameter before outputting it in an attribute, resulting in a reflected XSS vulnerability. This could be exploited against high-pr...