exploitDog

GHSA-v6cw-g4v9-gjmf

Опубликовано: 18 дек. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users.

The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users.

Ссылки

EPSS

Процентиль: 70%

0.00636

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-5348

CVSS3: 6.1

nvd

около 2 лет назад

The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users.

EPSS

Процентиль: 70%

0.00636

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79