module
Abandoned Cart for WooCommerce SQLi Scanner
| Disclosed |
|---|
| Nov 5, 2020 |
Disclosed
Nov 5, 2020
Description
Abandoned Cart, a plugin for WordPress which extends the WooCommerce plugin,
prior to 5.8.2 is affected by an unauthenticated SQL injection via the
billing_first_name parameter of the save_data AJAX call. A valid
wp_woocommerce_session cookie is required, which has at least one item in the
cart.
prior to 5.8.2 is affected by an unauthenticated SQL injection via the
billing_first_name parameter of the save_data AJAX call. A valid
wp_woocommerce_session cookie is required, which has at least one item in the
cart.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.