← Back

Woocommerce Quick Reports

woocommerce_quick_reports

Vendor: Multidots • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-11485
1Multidots
1Woocommerce Quick Reports
Nov 21, 2024
Jun 1, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The MULTIDOTS WooCommerce Quick Reports plugin 1.0.6 and earlier for WordPress is vulnerable to Stored XSS. It allows an attacker to inject malicious JavaScript code on the WooCommerce -> Orders admin page. The attack is...Show more
The MULTIDOTS WooCommerce Quick Reports plugin 1.0.6 and earlier for WordPress is vulnerable to Stored XSS. It allows an attacker to inject malicious JavaScript code on the WooCommerce -> Orders admin page. The attack is possible by modifying the "referral_site" cookie to have an XSS payload, and placing an order.Show less