all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-0068 (product_gtin_(ean,_upc,_isbn)_for_woocommerce)

Add to bookmarks
March 6, 2023, 2:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

The Product GTIN (EAN, UPC, ISBN) for WooCommerce WordPress plugin through 1.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

attacks attributes back cross-site cve escape plugin product role scripting upc woocommerce wordpress wordpress plugin

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months, 1 week ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 6 months, 1 week ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 6 months, 1 week ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 6 months, 1 week ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 6 months, 1 week ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 6 months, 1 week ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cybersecurity Engineer III

@ Hexagon US Federal | Huntsville, AL
View on infosec-jobs.com

Cybersecurity Technical Advisor

@ Microsoft | Reading, Berkshire, United Kingdom
View on infosec-jobs.com

Cybersecurity Engineer

@ Mindvalley | Kuala Lumpur, Kuala Lumpur, Malaysia
View on infosec-jobs.com

Network Security (Meraki) Infrastructure Lead

@ Sopra Steria | Noida, Uttar Pradesh, India
View on infosec-jobs.com

Sr. Director, Product Security

@ Ro | New York City or Remote
View on infosec-jobs.com

Senior Research Engineer, Cryptography (PhD Entry Level)

@ Seagate Technology | Shakopee, MN, US
View on infosec-jobs.com
View more jobs