Source |
CVE Liste |
Identifiant |
3919284 |
Date de publication |
2022-01-03 13:15:08 (vue: 2022-01-03 16:06:40) |
Titre |
CVE-2021-24999 |
Texte |
The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_notice parameter before outputting it back in the admin dashboard when the Pdf Invoicing module is enabled, leading to a Reflected Cross-Site Scripting |
Envoyé |
Oui |
Condensat |
2021 24999 admin back before booster cross cve dashboard does enabled escape invoicing leading module not notice outputting parameter pdf plugin reflected sanitise scripting site wcj when woocommerce wordpress |
Tags |
Guideline
|
Stories |
|
Notes |
|
Move |
|