Japanized For WooCommerce < 2.5.8 – Reflected XSS | CVE 2023-0948 | Plugin Vulnerabilities

Description

The plugin does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting

Proof of Concept

With the PeachPay payment gateway enabled (can be enabled via the settings: http://example.com/wp-admin/admin.php?page=wc4jp-options&tab=payment)

Make a logged in admin open the following URL: https://example.com/wp-admin/admin.php?page=peachpay&tab=field&"><script>alert(/XSS/)</script>

Affects Plugins

woocommerce-for-japan

Fixed in 2.5.8

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Erwan LR (WPScan)

Verified

Yes

WPVDB ID

a78d75b2-85a0-41eb-9720-c726ca2e8718

Timeline

Publicly Published

2023-04-17 (about 2 years ago)

Added

2023-04-17 (about 2 years ago)

Last Updated

2023-05-04 (about 2 years ago)

Other

Published

Title

Published

2023-11-06

Title

Garden Gnome Package < 2.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Published

2025-01-16

Title

Metaphor Widgets <= 2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2022-02-02

Title

WP Time Slots Booking Form < 1.1.63 - Admin+ Stored Cross-Site Scripting

Published

2025-04-01

Title

Piotnet Forms <= 1.0.30 - Authenticated (Author+) Stored Cross-Site Scripting

Published

2024-03-29

Title

Ultimate Addons for Beaver Builder – Lite < 1.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Separator Widget