[email protected]CVE-2024-22153

HistoryJan 31, 2024 - 7:15 p.m.

CVE-2024-22153

2024-01-3119:15:09

CWE-79

[email protected]

web.nvd.nist.gov

cve-2024-22153

vulnerability

xss

web security

woocommerce

nvd

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

7 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:M/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

13.7%

JSON

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Fahad Mahmood & Alexandre Faustino Stock Locations for WooCommerce allows Stored XSS.This issue affects Stock Locations for WooCommerce: from n/a through 2.5.9.

CPENameOperatorVersion
fahadmahmood8:stock_locations_for_woocommercefahadmahmood8 stock locations for woocommercelt2.6.0
fahadmahmood8:stock_locations_for_woocommercefahadmahmood8 stock locations for woocommerceeq2.1.8
fahadmahmood8:stock_locations_for_woocommercefahadmahmood8 stock locations for woocommerceeq1.2.3
fahadmahmood8:stock_locations_for_woocommercefahadmahmood8 stock locations for woocommerceeq2.5.5
fahadmahmood8:stock_locations_for_woocommercefahadmahmood8 stock locations for woocommerceeq2.5.6
fahadmahmood8:stock_locations_for_woocommercefahadmahmood8 stock locations for woocommerceeq2.5.8
fahadmahmood8:stock_locations_for_woocommercefahadmahmood8 stock locations for woocommerceeq1.9.3
fahadmahmood8:stock_locations_for_woocommercefahadmahmood8 stock locations for woocommerceeq2.5.3
fahadmahmood8:stock_locations_for_woocommercefahadmahmood8 stock locations for woocommerceeq2.0.9
fahadmahmood8:stock_locations_for_woocommercefahadmahmood8 stock locations for woocommerceeq1.9.8

CPE	Name	Operator	Version
fahadmahmood8:stock_locations_for_woocommerce	fahadmahmood8 stock locations for woocommerce	lt	2.6.0
fahadmahmood8:stock_locations_for_woocommerce	fahadmahmood8 stock locations for woocommerce	eq	2.1.8
fahadmahmood8:stock_locations_for_woocommerce	fahadmahmood8 stock locations for woocommerce	eq	1.2.3
fahadmahmood8:stock_locations_for_woocommerce	fahadmahmood8 stock locations for woocommerce	eq	2.5.5
fahadmahmood8:stock_locations_for_woocommerce	fahadmahmood8 stock locations for woocommerce	eq	2.5.6
fahadmahmood8:stock_locations_for_woocommerce	fahadmahmood8 stock locations for woocommerce	eq	2.5.8
fahadmahmood8:stock_locations_for_woocommerce	fahadmahmood8 stock locations for woocommerce	eq	1.9.3
fahadmahmood8:stock_locations_for_woocommerce	fahadmahmood8 stock locations for woocommerce	eq	2.5.3
fahadmahmood8:stock_locations_for_woocommerce	fahadmahmood8 stock locations for woocommerce	eq	2.0.9
fahadmahmood8:stock_locations_for_woocommerce	fahadmahmood8 stock locations for woocommerce	eq	1.9.8

Rows per page:

1-10 of 1351

References

patchstack.com/database/vulnerability/stock-locations-for-woocommerce/wordpress-stock-locations-for-woocommerce-plugin-2-5-9-cross-site-scripting-xss-vulnerability?_s_id=cve

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

7 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:M/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

13.7%

JSON

Related for CVE-2024-22153

wpvulndb1 cvelist1 osv1 prion1 wordfence1