Zingiri Web Shop < 2.4.2 – onecheckout.php notes Parameter XSS | CVE 2012-6506

Affects Plugins

zingiri-web-shop

Fixed in 2.4.2

References

CVE

CVE-2012-6506

Exploitdb

18787

URL

https://exchange.xforce.ibmcloud.com/vulnerabilities/75179

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Verified

No

WPVDB ID

1878ac76-671f-451d-9fe1-d35c51446a1c

Timeline

Publicly Published

2014-08-01 (about 11 years ago)

Added

2014-08-01 (about 11 years ago)

Last Updated

2019-10-21 (about 6 years ago)

Other

Published

Title

Published

2014-08-01

Title

WooCommerce 2.0.17 - hide-wc-extensions-message Parameter Reflected XSS

Published

2022-01-26

Title

Embed Swagger <= 1.0.0 - Reflected Cross-Site Scripting

Published

2022-02-10

Title

Social Media Feather < 2.0.5 - Admin+ Stored Cross-Site Scripting

Published

2025-08-15

Title

Anber Elementor Addon <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner button link

Published

2024-04-01

Title

Colibri Page Builder < 1.0.270 - Contributor+ Stored XSS