Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in WooODT Lite – WooCommerce Order Delivery or Pickup with Date Time Location 2.4.6

  • Severity: medium-risk
  • Status: Open
  • Publication: October 3, 2023

The WooODT Lite plugin for WordPress, up to and including version 2.4.6, is vulnerable to a type of attack called Reflected Cross-Site Scripting. This attack involves malicious code being injected into a page, and if a user clicks on a link or performs an action, the code will run. The vulnerability exists because the plugin does not properly sanitize input or escape output, meaning attackers can inject code without being detected.

Detected in:

ODT Lite – Delivery & pickup date time location for WooCommerce fixed vulnerable versions:
WooODT Lite – Delivery & pickup date time location for WooCommerce fixed vulnerable versions:
WooODT Lite – WooCommerce Order Delivery or Pickup with Date Time Location open vulnerable versions: >= * <= 2.4.6

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.