PT-2023-15089 · WordPress · Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop

Team Webob

Published

2023-05-09

Updated

2023-05-12

CVE-2022-46864

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop plugin versions <= 0.1

Description The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This allows for malicious scripts to be injected into the website, potentially leading to unauthorized actions.

Recommendations For Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop plugin versions <= 0.1, update to a version higher than 0.1 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2022-46864

Affected Products

Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop

CVE-2022-46864

Weakness Enumeration

Related Identifiers

Affected Products

References · 4