Skip to main content

Parcel Pro

2 CVEs product

Monthly

CVE-2024-9383 MEDIUM This Month

The Parcel Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'action' parameter in all versions up to, and including, 1.8.4 due to insufficient input sanitization and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Parcel Pro
NVD
CVSS 3.1
6.1
EPSS
2.0%
CVE-2023-46624 MEDIUM This Month

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Parcel Pro.6.11. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Parcel Pro
NVD
CVSS 3.1
4.7
EPSS
0.1%
EPSS 2% CVSS 6.1
MEDIUM This Month

The Parcel Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'action' parameter in all versions up to, and including, 1.8.4 due to insufficient input sanitization and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Parcel Pro
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Parcel Pro.6.11. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Parcel Pro
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy