Description
The WooCommerce Customers Manager WordPress plugin before 29.8 does not sanitise and escape various parameters before outputting them back in pages and attributes, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Published: 2024-04-24
Score: 5.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00042}

 epss

{'score': 0.00043}

Wed, 07 May 2025 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Vanquish
Vanquish woocommerce Customers Manager
CPEs cpe:2.3:a:vanquish:woocommerce_customers_manager:*:*:*:*:*:wordpress:*:*
Vendors & Products Vanquish
Vanquish woocommerce Customers Manager

Subscriptions

Vanquish Woocommerce Customers Manager
cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published:

Updated: 2024-08-01T18:48:21.661Z

Reserved: 2024-02-22T13:43:57.106Z

Link: CVE-2024-1743

cve-icon Vulnrichment

Updated: 2024-08-01T18:48:21.661Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-24T05:15:46.977

Modified: 2025-05-07T18:00:27.810

Link: CVE-2024-1743

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses