Exploitation Summary
EIP tracks 1 public exploit for CVE-2025-55998. PoCs published by Ocmenog.
AI-analyzed exploit summary This repository contains a detailed writeup for CVE-2025-55998, a reflected XSS vulnerability in Mezereon's Smart Search and Filter app for Shopify and BigCommerce. The writeup includes proof-of-concept examples demonstrating how malicious payloads can be injected via URL parameters.
Description
A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify and BigCommerce apps allows a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into several filter parameter
Exploits (1)
This repository contains a detailed writeup for CVE-2025-55998, a reflected XSS vulnerability in Mezereon's Smart Search and Filter app for Shopify and BigCommerce. The writeup includes proof-of-concept examples demonstrating how malicious payloads can be injected via URL parameters.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N