7 matches found
CVE-2017-18506
The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens...
CVE-2020-0416
In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9...
CVE-2020-0416
In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9...
CVE-2017-18506
The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens...
Design/Logic Flaw
The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens...
CVE-2017-18506
CVE-2017-18506 affects the WordPress plugin woocommerce-pdf-invoices-packing-slips (before 2.0.13). The vulnerability is an XSS flaw triggered via the tab or section variable on the plugin’s settings screens. Public documentation consistently identifies this as a client-side script execution risk...
CVE-2017-18506
The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens...