2.1.48

CVSS 4.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

piwebsolution

NVD

Published: 2023-06-26

Updated: 2024-11-21

Summary

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Direct checkout, Add to cart redirect, Quick purchase button, Buy now button, Quick View button for WooCommerce plugin <= 2.1.48 versions.

Vulnerable Configurations

Part	Description	Count
Application	Piwebsolution Piwebsolution ADD TO Cart Direct Checkout FOR Woocommerce - Piwebsolution ADD TO Cart Direct Checkout FOR Woocommerce 2.1.44 Piwebsolution ADD TO Cart Direct Checkout FOR Woocommerce 2.1.48	3

References

https://patchstack.com/database/vulnerability/add-to-cart-direct-checkout-for-woocommerce/wordpress-direct-checkout-add-to-cart-redirect-for-woocommerce-plugin-2-1-48-cross-site-scripting-xss-vulnerability?_s_id=cve
https://patchstack.com/database/vulnerability/add-to-cart-direct-checkout-for-woocommerce/wordpress-direct-checkout-add-to-cart-redirect-for-woocommerce-plugin-2-1-48-cross-site-scripting-xss-vulnerability?_s_id=cve