Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    4 vulnerabilities by star-emea

    CVE-2023-47514 (GCVE-0-2023-47514)

    Vulnerability from nvd – Published: 2023-11-16 18:07 – Updated: 2026-04-28 16:08
    VLAI
    Title
    WordPress Star CloudPRNT for WooCommerce Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)
    Summary
    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in lawrenceowen, gcubero, acunnningham, fmahmood Star CloudPRNT for WooCommerce plugin <= 2.0.3 versions.
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Credits
    Le Ngoc Anh (Patchstack Alliance)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:09:37.348Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://patchstack.com/database/vulnerability/star-cloudprnt-for-woocommerce/wordpress-star-cloudprnt-for-woocommerce-plugin-2-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "star-cloudprnt-for-woocommerce",
              "product": "Star CloudPRNT for WooCommerce",
              "vendor": "lawrenceowen, gcubero, acunnningham, fmahmood",
              "versions": [
                {
                  "lessThanOrEqual": "2.0.3",
                  "status": "affected",
                  "version": "n/a",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Le Ngoc Anh (Patchstack Alliance)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in lawrenceowen, gcubero, acunnningham, fmahmood Star CloudPRNT for WooCommerce plugin \u003c=\u003cspan style=\"background-color: var(--wht);\"\u003e\u00a02.0.3 versions.\u003c/span\u003e"
                }
              ],
              "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in lawrenceowen, gcubero, acunnningham, fmahmood Star CloudPRNT for WooCommerce plugin \u003c=\u00a02.0.3 versions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-591",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-591 Reflected XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:08:49.414Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/vulnerability/star-cloudprnt-for-woocommerce/wordpress-star-cloudprnt-for-woocommerce-plugin-2-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WordPress Star CloudPRNT for WooCommerce Plugin \u003c= 2.0.3 is vulnerable to Cross Site Scripting (XSS)",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2023-47514",
        "datePublished": "2023-11-16T18:07:27.114Z",
        "dateReserved": "2023-11-06T08:35:52.296Z",
        "dateUpdated": "2026-04-28T16:08:49.414Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-4603 (GCVE-0-2023-4603)

    Vulnerability from nvd – Published: 2023-11-13 22:32 – Updated: 2026-04-08 16:36
    VLAI
    Title
    Star CloudPRNT for WooCommerce <= 2.0.3 - Reflected Cross-Site Scripting
    Summary
    The Star CloudPRNT for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'printersettings' parameter in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    fmahmood Star CloudPRNT for WooCommerce Affected: 0 , ≤ 2.0.3 (semver)
    Create a notification for this product.
    Credits
    Vincenzo Turturro Gianluca Parisi Vincenzo Cantatore
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:31:06.606Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/110c6d41-e814-41c9-a3e7-d94ec3d953e6?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1cRVH7Oz6M2U2XTbNAmm43PDKBw6FzShA/view?usp=sharing"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/2991002/star-cloudprnt-for-woocommerce/trunk?contextall=1\u0026old=2510015\u0026old_path=%2Fstar-cloudprnt-for-woocommerce%2Ftrunk"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4603",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-07T20:58:32.788787Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-08T21:09:51.661Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Star CloudPRNT for WooCommerce",
              "vendor": "fmahmood",
              "versions": [
                {
                  "lessThanOrEqual": "2.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Vincenzo Turturro"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Gianluca Parisi"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Vincenzo Cantatore"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Star CloudPRNT for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u0027printersettings\u0027  parameter in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:36:10.967Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/110c6d41-e814-41c9-a3e7-d94ec3d953e6?source=cve"
            },
            {
              "url": "https://drive.google.com/file/d/1cRVH7Oz6M2U2XTbNAmm43PDKBw6FzShA/view?usp=sharing"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/2991002/star-cloudprnt-for-woocommerce/trunk?contextall=1\u0026old=2510015\u0026old_path=%2Fstar-cloudprnt-for-woocommerce%2Ftrunk"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-11-13T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Star CloudPRNT for WooCommerce \u003c= 2.0.3 - Reflected Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2023-4603",
        "datePublished": "2023-11-13T22:32:14.996Z",
        "dateReserved": "2023-08-29T15:30:04.293Z",
        "dateUpdated": "2026-04-08T16:36:10.967Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-47514 (GCVE-0-2023-47514)

    Vulnerability from cvelistv5 – Published: 2023-11-16 18:07 – Updated: 2026-04-28 16:08
    VLAI
    Title
    WordPress Star CloudPRNT for WooCommerce Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)
    Summary
    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in lawrenceowen, gcubero, acunnningham, fmahmood Star CloudPRNT for WooCommerce plugin <= 2.0.3 versions.
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Credits
    Le Ngoc Anh (Patchstack Alliance)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:09:37.348Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://patchstack.com/database/vulnerability/star-cloudprnt-for-woocommerce/wordpress-star-cloudprnt-for-woocommerce-plugin-2-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "star-cloudprnt-for-woocommerce",
              "product": "Star CloudPRNT for WooCommerce",
              "vendor": "lawrenceowen, gcubero, acunnningham, fmahmood",
              "versions": [
                {
                  "lessThanOrEqual": "2.0.3",
                  "status": "affected",
                  "version": "n/a",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Le Ngoc Anh (Patchstack Alliance)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in lawrenceowen, gcubero, acunnningham, fmahmood Star CloudPRNT for WooCommerce plugin \u003c=\u003cspan style=\"background-color: var(--wht);\"\u003e\u00a02.0.3 versions.\u003c/span\u003e"
                }
              ],
              "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in lawrenceowen, gcubero, acunnningham, fmahmood Star CloudPRNT for WooCommerce plugin \u003c=\u00a02.0.3 versions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-591",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-591 Reflected XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:08:49.414Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/vulnerability/star-cloudprnt-for-woocommerce/wordpress-star-cloudprnt-for-woocommerce-plugin-2-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WordPress Star CloudPRNT for WooCommerce Plugin \u003c= 2.0.3 is vulnerable to Cross Site Scripting (XSS)",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2023-47514",
        "datePublished": "2023-11-16T18:07:27.114Z",
        "dateReserved": "2023-11-06T08:35:52.296Z",
        "dateUpdated": "2026-04-28T16:08:49.414Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-4603 (GCVE-0-2023-4603)

    Vulnerability from cvelistv5 – Published: 2023-11-13 22:32 – Updated: 2026-04-08 16:36
    VLAI
    Title
    Star CloudPRNT for WooCommerce <= 2.0.3 - Reflected Cross-Site Scripting
    Summary
    The Star CloudPRNT for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'printersettings' parameter in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    fmahmood Star CloudPRNT for WooCommerce Affected: 0 , ≤ 2.0.3 (semver)
    Create a notification for this product.
    Credits
    Vincenzo Turturro Gianluca Parisi Vincenzo Cantatore
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:31:06.606Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/110c6d41-e814-41c9-a3e7-d94ec3d953e6?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1cRVH7Oz6M2U2XTbNAmm43PDKBw6FzShA/view?usp=sharing"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/2991002/star-cloudprnt-for-woocommerce/trunk?contextall=1\u0026old=2510015\u0026old_path=%2Fstar-cloudprnt-for-woocommerce%2Ftrunk"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4603",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-07T20:58:32.788787Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-08T21:09:51.661Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Star CloudPRNT for WooCommerce",
              "vendor": "fmahmood",
              "versions": [
                {
                  "lessThanOrEqual": "2.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Vincenzo Turturro"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Gianluca Parisi"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Vincenzo Cantatore"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Star CloudPRNT for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u0027printersettings\u0027  parameter in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:36:10.967Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/110c6d41-e814-41c9-a3e7-d94ec3d953e6?source=cve"
            },
            {
              "url": "https://drive.google.com/file/d/1cRVH7Oz6M2U2XTbNAmm43PDKBw6FzShA/view?usp=sharing"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/2991002/star-cloudprnt-for-woocommerce/trunk?contextall=1\u0026old=2510015\u0026old_path=%2Fstar-cloudprnt-for-woocommerce%2Ftrunk"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-11-13T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Star CloudPRNT for WooCommerce \u003c= 2.0.3 - Reflected Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2023-4603",
        "datePublished": "2023-11-13T22:32:14.996Z",
        "dateReserved": "2023-08-29T15:30:04.293Z",
        "dateUpdated": "2026-04-08T16:36:10.967Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }