WordPress Plugin Vulnerabilities

WooCommerce <= 2.4.8 - Authenticated Cross-Site Scripting (XSS)

Description

The WooCommerce WordPress plugin was affected by an Authenticated Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
woocommerce
Fixed in 2.4.9

References

URL
https://fortiguard.com/zeroday/FG-VD-15-095

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
b0761276-0a27-4a9b-96ff-faf751a5e77a

Timeline

Publicly Published
2015-11-17 (about 8 years ago)
Added
2015-11-18 (about 8 years ago)
Last Updated
2019-10-31 (about 4 years ago)

Other

Published
Title
Published
2023-05-12
Title
Featured Image Pro Post Grid < 5.15 - Reflected XSS
Published
2024-04-18
Title
LearnPress – WordPress LMS Plugin < 4.2.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2023-01-10
Title
User Meta Manager <= 3.4.9 - CSRF
Published
2014-06-12
Title
WP Restful <= 0.1 - Multiple XSS
Published
2023-07-10
Title
Grid Kit Premium < 2.2.0 - Multiple Reflected Cross-Site Scripting