Lucene search
Brandon James RoldanWPEX-ID:1F8CB0B9-7447-44DB-8D13-292DB5B17718HistoryApr 04, 2022 - 12:00 a.m.
LifterLMS PayPal < 1.4.0 - Reflected Cross-Site Scripting
2022-04-0400:00:00
Brandon James Roldan
80
0.001 Low
EPSS
Percentile
37.0%
The plugin does not sanitise and escape some parameters from the payment confirmation page before outputting them back in the page, leading to a Reflected Cross-Site Scripting issue
https://example.com/purchase/confirm-payment/?order=order-xxxxxxx&PayerID=aa"><svg/onload=alert(/XSS/)>Related
wpvulndb
wpvulndb
LifterLMS PayPal < 1.4.0 - Reflected Cross-Site Scripting
2022-04-04 00:00:00
prion
prion
Cross site scripting
2022-05-02 16:15:00
cvelist
cvelist
CVE-2022-1250 LifterLMS PayPal < 1.4.0 - Reflected Cross-Site Scripting
2022-05-02 16:05:50
nvd
nvd
CVE-2022-1250
2022-05-02 16:15:08
patchstack
patchstack
osv
osv
CVE-2022-1250
2022-05-02 16:15:08
cnvd
cnvd
WordPress LifterLMS PayPal plugin跨站脚本漏洞
2022-05-07 00:00:00
cve
cve
CVE-2022-1250
2022-05-02 16:15:08