Vulnerabilities > CVE-2023-28991 - Unspecified vulnerability in Piwebsolution Pi-Woocommerce-Order-Date-Time-And-Type 3.0.19

CVSS 4.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

piwebsolution

NVD

Published: 2023-06-26

Updated: 2024-11-21

Summary

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Order date, Order pickup, Order date time, Pickup Location, delivery date for WooCommerce plugin <= 3.0.19 versions.

Vulnerable Configurations

Part	Description	Count
Application	Piwebsolution Piwebsolution PI Woocommerce Order Date Time AND Type - Piwebsolution PI Woocommerce Order Date Time AND Type 3.0.19	2

References

https://patchstack.com/database/vulnerability/pi-woocommerce-order-date-time-and-type/wordpress-order-date-time-for-woocommerce-plugin-3-0-19-cross-site-scripting-xss-vulnerability?_s_id=cve
https://patchstack.com/database/vulnerability/pi-woocommerce-order-date-time-and-type/wordpress-order-date-time-for-woocommerce-plugin-3-0-19-cross-site-scripting-xss-vulnerability?_s_id=cve