3 matches found
WordPress WooCommerce Quick Reports Plugin <= 2.7.1 is vulnerable to Cross Site Scripting (XSS)
Software WooCommerce Quick Reports Type Plugin Vulnerable versions = 2.7.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 03b59d7f21d4 Credits Rafie Muhammad Patchstac...
CVE-2018-11485
The MULTIDOTS WooCommerce Quick Reports plugin 1.0.6 and earlier for WordPress is vulnerable to Stored XSS. It allows an attacker to inject malicious JavaScript code on the WooCommerce - Orders admin page. The attack is possible by modifying the "referralsite" cookie to have an XSS payload, and...
CVE-2018-11485
The MULTIDOTS WooCommerce Quick Reports plugin 1.0.6 and earlier for WordPress is vulnerable to Stored XSS. It allows an attacker to inject malicious JavaScript code on the WooCommerce - Orders admin page. The attack is possible by modifying the "referralsite" cookie to have an XSS payload, and...