← All advisories

Unrated severityNVD Advisory· Published Oct 18, 2023· Updated Apr 28, 2026

WordPress Order auto complete for WooCommerce Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

CVE-2023-45072

Description

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kardi Order auto complete for WooCommerce plugin <= 1.2.0 versions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Kardi/Order Auto Complete For Woocommercellm-fuzzy2 versions
<=1.2.0+ 1 more
- (no CPE)range: <=1.2.0
- (no CPE)range: n/a

Patches

Vulnerability mechanics

References

1

patchstack.com/database/vulnerability/order-auto-complete-for-woocommerce/wordpress-order-auto-complete-for-woocommerce-plugin-1-2-0-cross-site-scripting-xss-vulnerabilitymitrevdb-entry

News mentions

0

No linked articles in our index yet.