First published: Wed Aug 28 2019(Updated: )
Table Rate Shipping Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ithemes Table Rate Shipping | <1.1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability identifier for Table Rate Shipping Add-on for iThemes Exchange is CVE-2015-9375.
The severity of CVE-2015-9375 is medium.
The vulnerability in Table Rate Shipping Add-on for iThemes Exchange affects WordPress through XSS (Cross-Site Scripting) vulnerability.
To fix CVE-2015-9375, update Table Rate Shipping Add-on for iThemes Exchange to version 1.1.0 or later.
The Common Weakness Enumeration (CWE) for CVE-2015-9375 is CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')).