Filtered by vendor Byconsole Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-45006 1 Byconsole 1 Wooodt Lite 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ByConsole WooODT Lite – WooCommerce Order Delivery or Pickup with Date Time Location plugin <= 2.4.6 versions.
CVE-2023-0894 1 Byconsole 1 Pickup \| Delivery \| Dine-in Date Time 2024-11-21 4.8 Medium
The Pickup | Delivery | Dine-in date time WordPress plugin through 1.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)