ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WooCommerce Quick Reports plugin <= 1.0.7 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Product
WooCommerce Quick Reports
Description
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability found by ThreatPress Security Research Team in WordPress WooCommerce Quick Reports plugin (versions <= 1.0.7).
Solution
11 June 2018 - we were unable to find an updated version or its changelog.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 1.0.7
Disclosure date
2018-06-11
Credits
ThreatPress
Submitter
ThreatPress