Vulnerabilities > Tychesoftwares > Order Delivery Date FOR WP E Commerce

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2024-0678 Cross-site Scripting vulnerability in Tychesoftwares Order Delivery Date for WP E-Commerce 1.2
The Order Delivery Date for WP e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'available-days-tf' parameter in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping.
network
low complexity
tychesoftwares CWE-79
6.1
6.1
2023-10-02 CVE-2023-41859 Cross-site Scripting vulnerability in Tychesoftwares Order Delivery Date for WP E-Commerce
Auth.
network
low complexity
tychesoftwares CWE-79
4.8
4.8