Stored HTML Injection in WooCommerce Payment Gateway Titles
CVE-2022-2099 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles
Learn more about our Wordpress Pen Testing.