cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-0234,https://securityvulnerability.io/vulnerability/CVE-2022-0234,WOOCS < 1.3.7.5 - Reflected Cross-Site Scripting,"The WOOCS WordPress plugin before 1.3.7.5 does not sanitise and escape the woocs_in_order_currency parameter of the woocs_get_products_price_html AJAX action (available to both unauthenticated and authenticated users) before outputting it back in the response, leading to a Reflected Cross-Site Scripting",Wordpress,WOOCS – Currency Switcher for WooCommerce. Professional and Free multi currency plugin – Pay in selected currency,6.1,MEDIUM,0.0010000000474974513,false,,false,false,false,,false,false,2022-02-21T10:46:08.000Z,0
CVE-2021-25043,https://securityvulnerability.io/vulnerability/CVE-2021-25043,WOOCS < 1.3.7.3 - Reflected Cross-Site Scripting,"The WOOCS WordPress plugin before 1.3.7.3 does not sanitise and escape the custom_prices parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue",Wordpress,Woocs – Currency Switcher For WooCommerce. Professional And Free Multi Currency Plugin – Pay In Selected Currency,6.1,MEDIUM,0.0007399999885819852,false,,false,false,false,,false,false,2022-01-10T15:30:33.000Z,0
CVE-2021-24938,https://securityvulnerability.io/vulnerability/CVE-2021-24938,WooCommerce Currency Switcher < 1.3.7.1 - Reflected Cross-Site Scripting,"The WOOCS WordPress plugin before 1.3.7.1 does not sanitise and escape the key parameter of the woocs_update_profiles_data AJAX action (available to any authenticated user) before outputting it back in the response, leading to a Reflected cross-Site Scripting issue",Wordpress,Woocs – Currency Switcher For WooCommerce. Professional And Free Multi Currency Plugin – Pay In Selected Currency,6.1,MEDIUM,0.0013200000394135714,false,,false,false,false,,false,false,2021-12-06T15:55:37.000Z,0