WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. cross-site scripting vulnerability exists in WordPress Product Feed PRO for WooCommerce Plugin before 11.2.3, which stems from woosea_categories_dropdown AJAX does not escape the rowCount parameter. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress product feed pro for woocommerce plugin | lt | 11.2.3 |