exploitDog

CVE-2025-26553

Опубликовано: 15 мар. 2025

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spring Devs Pre Order Addon for WooCommerce – Advance Order/Backorder Plugin allows Reflected XSS. This issue affects Pre Order Addon for WooCommerce – Advance Order/Backorder Plugin: from n/a through 2.2.

Ссылки

https://patchstack.com/database/wordpress/plugin/wc-pre-order/vulnerability/wordpress-pre-order-addon-for-woocommerce-plugin-1-0-7-reflected-cross-site-scripting?_s_id=cve

EPSS

Процентиль: 27%

0.00094

Низкий

7.1 High

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-9pmv-v4jf-wjh6

CVSS3: 7.1

github

11 месяцев назад

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spring Devs Pre Order Addon for WooCommerce – Advance Order/Backorder Plugin allows Reflected XSS. This issue affects Pre Order Addon for WooCommerce – Advance Order/Backorder Plugin: from n/a through 2.2.

EPSS

Процентиль: 27%

0.00094

Низкий

7.1 High

CVSS3

Дефекты

CWE-79