The stylish-cost-calculator-premium WordPress plugin before 7.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Stored Cross-Site Scripting which could be used against admins when viewing submissions submitted through the Email Quote Form.
References
| Link | Resource |
|---|---|
| https://wpscan.com/vulnerability/73353221-3e6d-44e8-bf41-55a0fe57d81f | Exploit Third Party Advisory |
| https://wpscan.com/vulnerability/73353221-3e6d-44e8-bf41-55a0fe57d81f | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:38
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://wpscan.com/vulnerability/73353221-3e6d-44e8-bf41-55a0fe57d81f - Exploit, Third Party Advisory |
07 Nov 2023, 04:02
| Type | Values Removed | Values Added |
|---|---|---|
| CWE |
14 Apr 2023, 03:34
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:stylishcostcalculator:stylish_cost_calculator:*:*:*:*:*:wordpress:*:* | |
| First Time |
Stylishcostcalculator
Stylishcostcalculator stylish Cost Calculator |
|
| References | (MISC) https://wpscan.com/vulnerability/73353221-3e6d-44e8-bf41-55a0fe57d81f - Exploit, Third Party Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
10 Apr 2023, 14:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-04-10 14:15
Updated : 2025-02-11 22:15
NVD link : CVE-2023-0983
Mitre link : CVE-2023-0983
CVE.ORG link : CVE-2023-0983
JSON object : View
Products Affected
stylishcostcalculator
- stylish_cost_calculator
CWE
No CWE.