← voltar
CVE-2022-1470

Ultimate WooCommerce CSV Importer <= 2.0 - Reflected Cross-Site Scripting

EPSS 0.7%CWE-79
The Ultimate WooCommerce CSV Importer WordPress plugin through 2.0 does not sanitise and escape the imported data before outputting it back in the page, leading to a Reflected Cross-Site Scripting
Produtos afetados
Unknown · Ultimate WooCommerce CSV Importer

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://wpscan.com/vulnerability/13bb796f-7a17-47c9-a46f-a1d6ca4b6b91