VDB
CVE-2023-5325
CVE-2023-5325
PUBLISHED
CVSS 6.099999904632568 MEDIUM
The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS
EPSS 0.12% · 31.0th percentile
Risk Scores
CVSS 3.1
6.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
0.12%
31.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Unknown | Woocommerce Vietnam Checkout | 0, 0 |
| levantoan | woocommerce_vietnam_checkout | 0, 0 |
Exploit Intelligence
- CIRCL seen: CVE-2023-5325 (circl-sighting)
- https://wpscan.com/vulnerability/e93841ef-e113-41d3-9fa1-b21af85bd812 (cve.org)
Timeline
- Nov 27, 2023 CVE Published
- Nov 28, 2023 EPSS Score
- Dec 17, 2023 PoC Published
- Dec 28, 2023 EPSS Score
- Jan 27, 2024 EPSS Score
- Feb 25, 2024 EPSS Score
- Apr 25, 2024 EPSS Score
- May 25, 2024 EPSS Score
- Jun 23, 2024 EPSS Score
- Jul 23, 2024 EPSS Score
- Aug 22, 2024 EPSS Score
- Sep 21, 2024 EPSS Score