Search
Find a vulnerability
Search criteria
2 vulnerabilities found for Woocommerce Vietnam Checkout by Unknown
CVE-2023-5325 (GCVE-0-2023-5325)
Vulnerability from nvd – Published: 2023-11-27 16:22 – Updated: 2024-08-02 07:52
VLAI
Title
Woocommerce Vietnam Checkout < 2.0.6 - Unauthenticated Stored XSS
Summary
The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS
Severity
No CVSS data available.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/e93841ef-e113-41… | exploitvdb-entrytechnical-description |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Woocommerce Vietnam Checkout |
Affected:
0 , < 2.0.6
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:08.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/e93841ef-e113-41d3-9fa1-b21af85bd812"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "Woocommerce Vietnam Checkout",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.0.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "dc11"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-27T16:22:03.231Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/e93841ef-e113-41d3-9fa1-b21af85bd812"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Woocommerce Vietnam Checkout \u003c 2.0.6 - Unauthenticated Stored XSS ",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2023-5325",
"datePublished": "2023-11-27T16:22:03.231Z",
"dateReserved": "2023-10-01T09:26:31.768Z",
"dateUpdated": "2024-08-02T07:52:08.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5325 (GCVE-0-2023-5325)
Vulnerability from cvelistv5 – Published: 2023-11-27 16:22 – Updated: 2024-08-02 07:52
VLAI
Title
Woocommerce Vietnam Checkout < 2.0.6 - Unauthenticated Stored XSS
Summary
The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS
Severity
No CVSS data available.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/e93841ef-e113-41… | exploitvdb-entrytechnical-description |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Woocommerce Vietnam Checkout |
Affected:
0 , < 2.0.6
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:08.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/e93841ef-e113-41d3-9fa1-b21af85bd812"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "Woocommerce Vietnam Checkout",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.0.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "dc11"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-27T16:22:03.231Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/e93841ef-e113-41d3-9fa1-b21af85bd812"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Woocommerce Vietnam Checkout \u003c 2.0.6 - Unauthenticated Stored XSS ",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2023-5325",
"datePublished": "2023-11-27T16:22:03.231Z",
"dateReserved": "2023-10-01T09:26:31.768Z",
"dateUpdated": "2024-08-02T07:52:08.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}