16 matches found
EUVD-2023-54355
Malicious code in bioql PyPI...
CVE-2023-4471
The Order Tracking Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the startdate and enddate parameters in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2023-4500
The Order Tracking Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the order status parameter in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers admin or higher to inject...
CVE-2023-4500
The Order Tracking Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the order status parameter in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers admin or higher to inject...
CVE-2023-4471
The Order Tracking Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the startdate and enddate parameters in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2023-4500
The Order Tracking Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the order status parameter in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers admin or higher to inject...
CVE-2023-4471 Order Tracking Pro <= 3.3.6 - Reflected Cross-Site Scripting
The Order Tracking Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the startdate and enddate parameters in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2023-4471
The Order Tracking Pro WordPress plugin is vulnerable to Reflected Cross-Site Scripting via start_date and end_date in versions up to 3.3.6 due to insufficient input sanitization and output escaping. This allows unauthenticated attackers to inject web scripts into pages executed when a user is tr...
CVE-2023-4471 Order Tracking Pro <= 3.3.6 - Reflected Cross-Site Scripting
The Order Tracking Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the startdate and enddate parameters in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2023-4500
CVE-2023-4500 – Order Tracking Pro (WordPress) Affected: Order Tracking Pro plugin for WordPress (
CVE-2023-4500 Order Tracking Pro <= 3.3.6 - Authenticated (Administrator+) Stored Cross-Site Scripting
The Order Tracking Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the order status parameter in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers admin or higher to inject...
PT-2023-29342 · WordPress · Order Tracking Pro
Name of the Vulnerable Software and Affected Versions: Order Tracking Pro plugin for WordPress versions up to, and including, 3.3.6 Description: The issue is related to Stored Cross-Site Scripting via the order status parameter due to insufficient input sanitization and output escaping. This allo...
WordPress plugin Order Tracking Pro 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress plugin Order Tracking Pro 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
PT-2023-29281 · WordPress · Order Tracking Pro
Name of the Vulnerable Software and Affected Versions: Order Tracking Pro plugin for WordPress versions up to, and including, 3.3.6 Description: The issue is related to Reflected Cross-Site Scripting via the start date and end date parameters due to insufficient input sanitization and output...
Order Tracking Pro < 3.3.7 - Reflected Cross-Site Scripting
Description The plugin does not sanitise and escape the startdate and enddate parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...