CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-2028

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00973EPSS

Exploits1References6

Github Security Blog•added 2024/06/12 7:40 p.m.•32 views

WooCommerce has a Cross-Site Scripting (XSS) Vulnerability in checkout & registration forms

Impact A vulnerability introduced in WooCommerce 8.8 allows for cross-site scripting. A bad actor can manipulate a link to include malicious HTML & JavaScript content. While the content is not saved to the database, the links may be sent to victims for malicious purposes. The injected JavaScript...

5.4CVSS5.3AI score0.00973EPSS

Exploits1References6Affected Software1

OSV•added 2024/06/12 7:40 p.m.•27 views

GHSA-CV23-Q6GH-XFRF WooCommerce has a Cross-Site Scripting (XSS) Vulnerability in checkout & registration forms

5.4CVSS5AI score0.00973EPSS

Exploits1References6

NVD•added 2024/06/12 3:15 p.m.•27 views

CVE-2024-37297

WooCommerce is an open-source e-commerce platform built on WordPress. A vulnerability introduced in WooCommerce 8.8 allows for cross-site scripting. A bad actor can manipulate a link to include malicious HTML & JavaScript content. While the content is not saved to the database, the links may be...

5.4CVSS0.00973EPSS

Exploits1References4

Cvelist•added 2024/06/12 3:5 p.m.•30 views

CVE-2024-37297 WooCommerce has a Cross-Site Scripting Vulnerability in checkout & registration forms

5.4CVSS0.00973EPSS

Exploits1References4

OSV•added 2024/06/12 3:5 p.m.•25 views

CVE-2024-37297 WooCommerce has a Cross-Site Scripting Vulnerability in checkout & registration forms

5.4CVSS6AI score0.00973EPSS

Exploits1References6

CVE•added 2024/06/12 3:5 p.m.•141 views

CVE-2024-37297

CVE-2024-37297 affects WooCommerce on WordPress. An XSS flaw introduced in 8.8 can be triggered by crafting a link that injects HTML/JavaScript into classic checkout and registration forms via Sourcebuster.js, potentially allowing an attacker to hijack browser content and session data. The vulner...

5.4CVSS5.4AI score0.00973EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2024/06/12 3:5 p.m.•30 views

CVE-2024-37297 WooCommerce has a Cross-Site Scripting Vulnerability in checkout & registration forms

5.4CVSS6AI score0.00973EPSS

Exploits1References4

Positive Technologies•added 2024/06/12 12:0 a.m.•3 views

PT-2024-27454 · Unknown · Woocommerce +1

Name of the Vulnerable Software and Affected Versions: WooCommerce versions 8.8 through 8.8.4 WooCommerce versions 8.9 through 8.9.2 Description: A cross-site scripting vulnerability in WooCommerce allows a bad actor to manipulate a link to include malicious HTML and JavaScript content. The...

5.4CVSS6.1AI score0.00973EPSS

Exploits1References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by