CVE-2021-42363 – The Preview E-Mails for WooCommerce WordPress plugin is vulnerable to Reflected Cross-Site …

19 November 2021

Vuln ID: CVE-2021-42363

Published: 2021-11-19 16:15:07Z

Description: The Preview E-Mails for WooCommerce WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the search_order parameter found in the ~/views/form.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.6.8.

Source: NVD.NIST.GOV

Date:

19 November 2021

Categories:

NVD

Tags:

NVD

Week in review: PoC for Splunk Enterprise RCE flaw released, scope of Okta breach widens3 December 2023
Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns2 December 2023
ChatGPT Spit Out Sensitive Data When Told to Repeat ‘Poem’ Forever2 December 2023
CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs2 December 2023
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.2 December 2023