2 matches found
CVE-2023-1546
CVE-2023-1546 affects the WordPress plugin MyCryptoCheckout prior to version 2.124. The issue is a Reflected Cross-Site Scripting caused by not escaping certain URLs output in HTML attributes. The NVD entry and the Nuclei template confirm this cross-site scripting flaw, with a CVSS v3.1 base scor...
CVE-2023-41693
CVE-2023-41693 : A Cross-Site Request Forgery (CSRF) flaw affects the WordPress plugin “edward_plainview MyCryptoCheckout” up to version 2.125. Root cause is CSRF exposure allowing unauthenticated users to trigger actions on behalf of authenticated sites. The vulnerability is listed with a PatchS...