5 matches found
CVE-2024-6134
The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-6134
The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-6134 WP eStore < 8.5.6 - Reflected XSS in Product Editing
The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-6134 WP eStore < 8.5.6 - Reflected XSS in Product Editing
The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-6134
CVE-2024-6134 affects wp-cart-for-digital-products (WordPress plugin) prior to version 8.5.6. The vulnerability is a Reflected XSS caused by insufficient sanitization/escaping of a parameter before it is echoed on the page, potentially affecting high-privilege users (admin). The issue is publicly...