CVE-2021-38341

🗓️ 10 Sep 2021 13:33:07Reported by WordfenceType

cve🔗 web.nvd.nist.gov👁 44 Views🌐 WEB

WooCommerce Payment Gateway Per Category WordPress plugin, CVE-2021-38341, Reflected Cross-Site Scripting vulnerabilit

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2021-38341	10 Sep 202118:30	–	circl
CNNVD	WordPress 插件跨站脚本漏洞	10 Sep 202100:00	–	cnnvd
Cvelist	CVE-2021-38341 WooCommerce Payment Gateway Per Category <= 2.0.10 Reflected Cross-Site Scripting	10 Sep 202113:33	–	cvelist
EUVD	EUVD-2021-24794	7 Oct 202500:30	–	euvd
NVD	CVE-2021-38341	10 Sep 202114:15	–	nvd
OSV	CVE-2021-38341	10 Sep 202114:15	–	osv
Patchstack	WordPress Woocommerce Payment Gateway per Category plugin <= 2.0.10 - Reflected Cross-Site Scripting (XSS) vulnerability	9 Sep 202100:00	–	patchstack
Prion	Cross site scripting	10 Sep 202114:15	–	prion
Vulnrichment	CVE-2021-38341 WooCommerce Payment Gateway Per Category <= 2.0.10 Reflected Cross-Site Scripting	10 Sep 202113:33	–	vulnrichment
WPVulnDB	WooCommerce Payment Gateway Per Category <= 2.0.10 - Reflected Cross-Site Scripting	9 Sep 202100:00	–	wpvulndb

NVD

Vulners

Node

dreamfoxmedia woocommerce_payment_gateway_per_categoryRange≤2.0.10wordpress

[
  {
    "product": "WooCommerce Payment Gateway Per Category",
    "vendor": "WooCommerce Payment Gateway Per Category",
    "versions": [
      {
        "lessThanOrEqual": "2.0.10",
        "status": "affected",
        "version": "2.0.10",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/browser/wc-payment-gateway-per-category/tags/2.0.10/includes/plugin_settings.php
wordfence	www.wordfence.com/vulnerability-advisories/

Parameter	Position	Path	Description	CWE
PHP_SELF	path	includes/plugin_settings.php	Reflected XSS via PHP_SELF reflection in includes/plugin_settings.php in vulnerable plugin version up to 2.0.10.	CWE-79

17 Jun 2026 04:01Current

6Medium risk

Vulners AI Score6

CVSS 24.3

CVSS 3.16.1

EPSS0.00908

SSVC

CWE-79