Описание
WooCommerce WordPress plugin before 6.6.0 vulnerable to stored HTML injection
The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles
Пакеты
Наименование
woocommerce/woocommerce
composer
Затронутые версииВерсия исправления
< 6.6.0
6.6.0
Связанные уязвимости
CVSS3: 4.8
nvd
больше 3 лет назад
The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles