1 results (0.022 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2019-18834 – WooCommerce Subscriptions < 2.6.3 - Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-18834
11 Mar 2019 — Persistent XSS in the WooCommerce Subscriptions plugin before 2.6.3 for WordPress allows remote attackers to execute arbitrary JavaScript because Billing Details are mishandled in WCS_Admin_Post_Types in class-wcs-admin-post-types.php. Una vulnerabilidad XSS persistente en el plugin WooCommerce Subscriptions versiones anteriores a 2.6.3 para WordPress, permite a atacantes remotos ejecutar JavaScript arbitrario porque los detalles de facturación son manejados inapropiadamente en la función WCS_Admin_Post_Typ... • https://woocommerce.com/products/woocommerce-subscriptions • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •