CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0068

The Product GTIN (EAN, UPC, ISBN) for WooCommerce WordPress plugin through 1.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.8%

CVSS Severity

CVSS v3 Score 5.4

References

Products affected by CVE-2023-0068

None » None » Version:

_isbn)_for_woocommerce:-
None » None » Version:

_isbn)_for_woocommerce:1.0.2
None » None » Version:

_isbn)_for_woocommerce:1.0.3
None » None » Version:

_isbn)_for_woocommerce:1.0.4
None » None » Version:

_isbn)_for_woocommerce:1.0.5
None » None » Version:

_isbn)_for_woocommerce:1.0.6
None » None » Version:

_isbn)_for_woocommerce:1.0.7
None » None » Version:

_isbn)_for_woocommerce:1.0.8
None » None » Version:

_isbn)_for_woocommerce:1.0.9
None » None » Version:

_isbn)_for_woocommerce:1.1.0
None » None » Version:

_isbn)_for_woocommerce:1.1.1
None » None » Version:

_isbn)_for_woocommerce_project:product_gtin_(ean
None » None » Version:

_upc
None » None » Version:

cpe:2.3:a:product_gtin_(ean

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0068

Products

Pricing

Contact Us