Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Woocommerce Vietnam Checkout by Unknown

    CVE-2023-5325 (GCVE-0-2023-5325)

    Vulnerability from nvd – Published: 2023-11-27 16:22 – Updated: 2024-08-02 07:52
    VLAI
    Title
    Woocommerce Vietnam Checkout < 2.0.6 - Unauthenticated Stored XSS
    Summary
    The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS
    Severity
    No CVSS data available.
    Assigner
    References
    URL Tags
    https://wpscan.com/vulnerability/e93841ef-e113-41… exploitvdb-entrytechnical-description
    Impacted products
    Vendor Product Version
    Unknown Woocommerce Vietnam Checkout Affected: 0 , < 2.0.6 (semver)
    Create a notification for this product.
    Credits
    dc11 WPScan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:52:08.579Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "exploit",
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/e93841ef-e113-41d3-9fa1-b21af85bd812"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "product": "Woocommerce Vietnam Checkout",
              "vendor": "Unknown",
              "versions": [
                {
                  "lessThan": "2.0.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "dc11"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "WPScan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-79 Cross-Site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-27T16:22:03.231Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "exploit",
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://wpscan.com/vulnerability/e93841ef-e113-41d3-9fa1-b21af85bd812"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Woocommerce Vietnam Checkout \u003c 2.0.6 - Unauthenticated Stored XSS ",
          "x_generator": {
            "engine": "WPScan CVE Generator"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2023-5325",
        "datePublished": "2023-11-27T16:22:03.231Z",
        "dateReserved": "2023-10-01T09:26:31.768Z",
        "dateUpdated": "2024-08-02T07:52:08.579Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5325 (GCVE-0-2023-5325)

    Vulnerability from cvelistv5 – Published: 2023-11-27 16:22 – Updated: 2024-08-02 07:52
    VLAI
    Title
    Woocommerce Vietnam Checkout < 2.0.6 - Unauthenticated Stored XSS
    Summary
    The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS
    Severity
    No CVSS data available.
    Assigner
    References
    URL Tags
    https://wpscan.com/vulnerability/e93841ef-e113-41… exploitvdb-entrytechnical-description
    Impacted products
    Vendor Product Version
    Unknown Woocommerce Vietnam Checkout Affected: 0 , < 2.0.6 (semver)
    Create a notification for this product.
    Credits
    dc11 WPScan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:52:08.579Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "exploit",
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/e93841ef-e113-41d3-9fa1-b21af85bd812"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "product": "Woocommerce Vietnam Checkout",
              "vendor": "Unknown",
              "versions": [
                {
                  "lessThan": "2.0.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "dc11"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "WPScan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-79 Cross-Site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-27T16:22:03.231Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "exploit",
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://wpscan.com/vulnerability/e93841ef-e113-41d3-9fa1-b21af85bd812"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Woocommerce Vietnam Checkout \u003c 2.0.6 - Unauthenticated Stored XSS ",
          "x_generator": {
            "engine": "WPScan CVE Generator"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2023-5325",
        "datePublished": "2023-11-27T16:22:03.231Z",
        "dateReserved": "2023-10-01T09:26:31.768Z",
        "dateUpdated": "2024-08-02T07:52:08.579Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }