Lucene search
JrXnmWPVDB-ID:1980C5CA-447D-4875-B542-9212CC7FF77FHistoryFeb 15, 2022 - 12:00 a.m.
Persian Woocommerce < 5.9.8 - Reflected Cross-Site Scripting
2022-02-1500:00:00
JrXnm
wpscan.com
6
0.001 Low
EPSS
Percentile
43.5%
The plugin does not escape the s parameter before outputting it back in an attribute in the admin dashboard, which could lead to a Reflected Cross-Site Scripting issue
PoC
| CPE | Name | Operator | Version |
|---|---|---|---|
| persian-woocommerce | lt | 5.9.8 |
Related
cve
cve
CVE-2021-24940
2022-03-14 15:15:08
wpexploit
wpexploit
Persian Woocommerce < 5.9.8 - Reflected Cross-Site Scripting
2022-02-15 00:00:00
cnvd
cnvd
WordPress Persian Woocommerce Cross-Site Scripting Vulnerability
2022-03-16 00:00:00
cvelist
cvelist
CVE-2021-24940 Persian Woocommerce <= 5.8.0 - Reflected Cross-Site Scripting
2022-03-14 14:40:59
prion
prion
Cross site scripting
2022-03-14 15:15:00
nuclei
nuclei
WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting
2022-10-03 15:03:31
nvd
nvd
CVE-2021-24940
2022-03-14 15:15:08