cpe:/a:elfden:eshop_plugin:6.3.14::~~~wordpress~~ CVE-2016-0765 2017-01-23T16:59:00.893-05:00 2017-01-26T15:00:11.270-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2017-01-26T12:07:04.113-05:00 BID 82347 MLIST [oss-security] 20160202 Reflected XSS & Blind SQLi in wordpress plugin eshop v6.3.14 MISC http://www.vapid.dhs.org/advisory.php?v=160 Multiple cross-site scripting (XSS) vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page or (2) action parameter.