WordPress WooCommerce Quick Reports Plugin <= 2.7.1 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Quick Reports Type Plugin Vulnerable versions = 2.7.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 03b59d7f21d4 Credits Rafie Muhammad Patchstac...

WordPress WooCommerce Quick Reports plugin <= 2.7.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce Quick Reports plugin versions = 2.7.1. Solution No patched version available...

WordPress WooCommerce Quick Reports plugin <= 2.7.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WooCommerce Quick Reports plugin versions = 2.7.1. Solution No patched version available...

WordPress WooCommerce Quick Reports plugin <= 1.0.7 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Unauthenticated Stored Cross-Site Scripting XSS vulnerability found by ThreatPress Security Research Team in WordPress WooCommerce Quick Reports plugin versions = 1.0.7. Solution 11 June 2018 - we were unable to find an updated version or its changelog...

WordPress MULTIDOTS WooCommerce Quick Reports Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site. MULTIDOTS WooCommerce Quick Reports plugin is used in one of the e-commerce order report generation plugin...

WordPress WooCommerce Quick Reports plugin <= 1.0.6 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability found by ThreatPress Research Team in WordPress WooCommerce Quick Reports plugin versions = 1.0.6. Solution 3 June 2018 - plugin still closed by WordPress Security team, no patched version available...

CVE-2018-11485

The MULTIDOTS WooCommerce Quick Reports plugin 1.0.6 and earlier for WordPress is vulnerable to Stored XSS. It allows an attacker to inject malicious JavaScript code on the WooCommerce - Orders admin page. The attack is possible by modifying the "referralsite" cookie to have an XSS payload, and...

CVE-2018-11485

The MULTIDOTS WooCommerce Quick Reports plugin 1.0.6 and earlier for WordPress is vulnerable to Stored XSS. It allows an attacker to inject malicious JavaScript code on the WooCommerce - Orders admin page. The attack is possible by modifying the "referralsite" cookie to have an XSS payload, and...

CVE-2018-11485

The CVE-2018-11485 entry concerns the WordPress plugin MULTIDOTS WooCommerce Quick Reports (versions