Cross-Site Scripting Vulnerabilities in Cart66 Lite Plugin for WordPress
CVE-2013-5978

6.1MEDIUM

Key Information:

Vendor: Wordpress
Status: Cart66 Lite Plugin
Vendor: CVE Published:; 11 December 2019

Summary

The Cart66 Lite Plugin for WordPress is susceptible to multiple cross-site scripting (XSS) vulnerabilities, which allow remote attackers to inject arbitrary HTML or web scripts. This can occur via the Product name or Price description fields through unauthorized requests to wp-admin/admin.php. These vulnerabilities can compromise site integrity and may potentially be exploited in conjunction with other weaknesses to escalate privileges.