CVE-2019-1010124
N/A
N/A
Summary
WebAppick WooCommerce Product Feed 2.2.18 and earlier is affected by: Cross Site Scripting (XSS). The impact is: XSS to RCE via editing theme files in WordPress. The component is: admin/partials/woo-feed-manage-list.php:63. The attack vector is: Administrator must be logged in.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| WebAppick | WooCommerce Product Feed | ≤ 2.2.18 | affected |
Weaknesses
- Cross Site Scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
- https://www.youtube.com/watch?v=T-sqQDFRRBg
- https://wpvulndb.com/vulnerabilities/9856
- http://packetstormsecurity.com/files/154263/WordPress-WooCommerce-Product-Feed-2.2.18-Cross-Site-Scripting.html
References
- https://www.youtube.com/watch?v=T-sqQDFRRBg
- https://wpvulndb.com/vulnerabilities/9856
- http://packetstormsecurity.com/files/154263/WordPress-WooCommerce-Product-Feed-2.2.18-Cross-Site-Scripting.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.