PT-2022-14857 · WordPress · Woocommerce

Name of the Vulnerable Software and Affected Versions: WooCommerce WordPress plugin versions prior to 6.6.0 Description: The issue is related to stored HTML injection due to a lack of escaping and sanitizing in the payment gateway titles. This allows for potential malicious code injection...

PT-2020-10876 · Twitter · Bootstrap-Select

Name of the Vulnerable Software and Affected Versions: bootstrap-select versions prior to 1.13.6 Description: The issue allows Cross-Site Scripting XSS due to the failure to escape title values in OPTION elements. This may enable attackers to execute arbitrary JavaScript in a victim's browser...