Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2018-11485
HistoryJun 01, 2018 - 3:00 p.m.

CVE-2018-11485

2018-06-0115:00:00
mitre
www.cve.org
2

EPSS

0.001

Percentile

38.0%

JSON

The MULTIDOTS WooCommerce Quick Reports plugin 1.0.6 and earlier for WordPress is vulnerable to Stored XSS. It allows an attacker to inject malicious JavaScript code on the WooCommerce -> Orders admin page. The attack is possible by modifying the β€œreferral_site” cookie to have an XSS payload, and placing an order.

Related

prion 1
nvd 1
patchstack 1
cve 1
wpvulndb 1
prion
prion
Cross site scripting
2018-06-01 15:29:00
nvd
nvd
CVE-2018-11485
2018-06-01 15:29:00
patchstack
patchstack
WordPress WooCommerce Quick Reports plugin <= 1.0.6 - Stored Cross-Site Scripting (XSS) vulnerability
2018-06-03 00:00:00
cve
cve
CVE-2018-11485
2018-06-01 15:29:00
wpvulndb
wpvulndb
Advance Search for WooCommerce < 1.1 - Multiple XSS
2018-06-04 00:00:00

EPSS

0.001

Percentile

38.0%

JSON
Related for CVELIST:CVE-2018-11485
prion1nvd1patchstack1cve1wpvulndb1