Lucene search

K

ByConsole Security Vulnerabilities

cve
cve

CVE-2023-0894

The Pickup | Delivery | Dine-in date time WordPress plugin through 1.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in...

4.8CVSS

4.8AI Score

0.001EPSS

2023-05-08 02:15 PM
22
cve
cve

CVE-2023-45006

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ByConsole WooODT Lite – WooCommerce Order Delivery or Pickup with Date Time Location plugin <= 2.4.6...

7.1CVSS

6AI Score

0.0005EPSS

2023-10-17 12:15 PM
16