Limited Black Friday Offer:

WooCommerce Swipe <= 2.7.1 - Unauthenticated Reflected XSS CVE-2014-4558 Scanner

Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload.

Short Info

Level

Medium

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

WooCommerce Swipe <= 2.7.1 - Unauthenticated Reflected XSS CVE-2014-4558 Scanner Detail

Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swipe Checkout for WooCommerce plugin 2.7.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the api_url parameter.

http://codevigilant.com/disclosure/wp-plugin-swipehq-payment-gateway-woocommerce-a3-cross-site-scripting-xss