Vulnerabilities > Etoilewebdesign > Order Tracking > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-31 | CVE-2023-4500 | Unspecified vulnerability in Etoilewebdesign Order Tracking 3.3.6 The Order Tracking Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the order status parameter in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. | 4.8 |