Vulnerabilities > Etoilewebdesign > Order Tracking > 3.3.6

DATE CVE VULNERABILITY TITLE RISK
2023-08-31 CVE-2023-4471 Unspecified vulnerability in Etoilewebdesign Order Tracking 3.3.6
The Order Tracking Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the start_date and end_date parameters in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping.
network
low complexity
etoilewebdesign
6.1
6.1
2023-08-31 CVE-2023-4500 Unspecified vulnerability in Etoilewebdesign Order Tracking 3.3.6
The Order Tracking Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the order status parameter in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping.
network
low complexity
etoilewebdesign
4.8
4.8