Lucene search
WpvulndbWPVDB-ID:3D1B32F0-1996-43C0-B293-828440D7776DHistoryDec 01, 2022 - 12:00 a.m.
Afterpay Gateway for WooCommerce < 3.5.1 - Reflected Cross-Site Scripting
2022-12-0100:00:00
wpscan.com
4
afterpay
woocommerce
cross-site scripting
vulnerability
0.001 Low
EPSS
Percentile
27.3%
The plugin does not sanitise and escape the orderToken parameter before outputting it back in the page via an error message, leading to a Reflected Cross-Site Scripting
| CPE | Name | Operator | Version |
|---|---|---|---|
| afterpay-gateway-for-woocommerce | lt | 3.5.1 |
Related
cve
cve
CVE-2022-29416
2023-02-06 13:15:09
wpvulndb
wpvulndb
Afterpay Gateway for WooCommerce < 3.5.1 - Reflected Cross-Site Scripting
2022-12-01 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2022-29416
2023-02-06 13:15:09
prion
prion
Cross site scripting
2023-02-06 13:15:00