Lucene search
China National Vulnerability DatabaseCNVD-2023-07755HistoryNov 23, 2022 - 12:00 a.m.
WordPress WooCommerce Cross-Site Scripting Vulnerability
2022-11-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
19
wordpress
woocommerce
cross-site scripting
vulnerability
custom product tabs
xss attacks
php
wordpress plugin
filtering
escaping
exploitation
0.001 Low
EPSS
Percentile
22.9%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WooCommerce 1.7.9 and earlier versions have a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in its Custom Product Tabs. The vulnerability is caused by the lack of effective filtering and escaping of user-supplied data in the Custom Product Tabs, which can be exploited to inject cross-site code and launch XSS attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress1 woocommerce plugin | le | 1.7.9 |
Related
cvelist
cvelist
wpvulndb
wpvulndb
Custom Product Tabs for WooCommerce < 1.8.0 - Admin+ Stored XSS
2022-11-30 00:00:00
patchstack
patchstack
prion
prion
Cross site scripting
2022-11-18 19:15:00
cve
cve
CVE-2022-43463
2022-11-30 00:00:00
openvas
openvas
nvd
nvd
CVE-2022-43463
2022-11-18 19:15:31