Lucene search
K

6 matches found

Nuclei
Nuclei
added 2026/02/12 5:7 a.m.11 views

Plugin Oficial – Getnet para WooCommerce <= 1.8.0 - Cross-Site Scripting

The Plugin Oficial – Getnet para WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping on the 'page' parameter. This makes it possible for unauthenticated attackers to...

6.1CVSS5.8AI score0.00525EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/05/19 4:6 a.m.11 views

WordPress Plugin Oficial – Getnet para WooCommerce plugin < 1.8.1 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Plugin Oficial – Getnet para WooCommerce versions 1.8.1...

6.1CVSS6.3AI score0.00525EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/17 9:4 p.m.7 views

CVE-2025-1303

The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...

6.1CVSS6.3AI score0.00525EPSS
Exploits1References1
NVD
NVD
added 2025/05/15 8:16 p.m.20 views

CVE-2025-1303

The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...

6.1CVSS0.00525EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.14 views

CVE-2025-1303 Plugin Oficial – Getnet para WooCommerce <= 1.7.3 - Unauthenticated Reflected XSS

The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...

0.00525EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.55 views

CVE-2025-1303

CVE-2025-1303 concerns the Plugin Oficial WordPress plugin (Getnet para WooCommerce) up to version 1.7.3. The issue is a reflected cross-site scripting (XSS) vulnerability caused by a parameter not being sanitised/escaped before being echoed in the page. Exploitation is described against unauthen...

6.1CVSS6.3AI score0.00525EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder