Lucene search
WpvulndbWPVDB-ID:1021BE31-4A35-4FF3-A7BC-00DA607C2FE0HistoryJul 24, 2020 - 12:00 a.m.
WooCommerce Subscriptions < 2.6.3 - Unauthenticated Stored Cross-Site Scripting (XSS)
2020-07-2400:00:00
wpscan.com
10
0.001 Low
EPSS
Percentile
50.5%
An unauthenticated user could put XSS payload in their billing details when subscribing, which will then be executed in the admin dashboard when moused over.
| CPE | Name | Operator | Version |
|---|---|---|---|
| woocommerce-subscriptions | lt | 2.6.3 |
Related
cve
cve
CVE-2019-18834
2020-07-23 20:15:11
patchstack
patchstack
openvas
openvas
WordPress WooCommerce Subscriptions Plugin < 2.6.3 XSS Vulnerability
2020-07-28 00:00:00
cvelist
cvelist
CVE-2019-18834
2020-07-23 19:42:47
nvd
nvd
CVE-2019-18834
2020-07-23 20:15:11
prion
prion
Cross site scripting
2020-07-23 20:15:00