RSS   Podatności dla 'Woocommerce affiliate'   RSS

2022-03-28
 
CVE-2022-0818

CWE-79
 

 
The WooCommerce Affiliate Plugin WordPress plugin before 4.16.4.5 does not have authorization and CSRF checks on a specific action handler, as well as does not sanitize its settings, which enables an unauthenticated attacker to inject malicious XSS payloads into the settings page of the plugin.

 

 >>> Vendor: Yithemes 3 Produkty
Woocommerce gift cards
Yith maintenance mode
Woocommerce affiliate


Copyright 2024, cxsecurity.com

 

Back to Top