← voltar
CVE-2022-2090

Woo Discount Rules < 2.4.2 - Reflected Cross-Site Scripting

EPSS 0.7%CWE-79
The Discount Rules for WooCommerce WordPress plugin before 2.4.2 does not escape a parameter before outputting it back in an attribute of the plugin's discount rule page, leading to Reflected Cross-Site Scripting
Produtos afetados
Unknown · Discount Rules for WooCommerce

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://wpscan.com/vulnerability/0201f365-7acb-4640-bd3f-7119432f4917