WordPress Plugin Vulnerabilities
Biteship < 2.2.28 - Shop manager+ Stored XSS
Description
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as Shop Manager and above to perform Stored Cross-Site Scripting attacks
Affects Plugins
References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Luqman Hakim Y
Verified
No
WPVDB ID
Timeline
Publicly Published
2023-12-04 (about 5 months ago)
Added
2023-12-09 (about 5 months ago)
Last Updated
2024-03-25 (about 1 months ago)