CVE-2022-2099
WooCommerce < 6.6.0 - Admin+ Stored HTML InjectionThe WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles
We have discovered 474,939 live websites that are affected by CVE-2022-2099.
Contact us to get more info
Affected Software
| |
---|
Product | WooCommerce |
Category | Ecommerce |
Vulnerable Versions | |
Total Vulnerable Versions | 582 |
Vulnerable Domains | 474,939 live websites (36.75% of WooCommerce install base) |
Common Weakness Enumeration
CWE-116 Improper Encoding or Escaping of Output