2 matches found
CVE-2024-6480
The SIP Reviews Shortcode for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'noofreviews' attribute in the woocommercereviews shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied...
WordPress SIP Reviews Shortcode for WooCommerce Plugin <= 1.2.3 is vulnerable to Cross Site Scripting (XSS)
Software SIP Reviews Shortcode for WooCommerce Type Plugin Vulnerable versions = 1.2.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6480 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 16ac05c4862e Credits...