CVE-2024-27959

🗓️ 17 Mar 2024 16:27:35Reported by PatchstackType

Improper Input Neutralization in Wpexpertsio WC Shop Sync for Seamless Shop Managemen

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-27959	17 Mar 202418:21	–	circl
CNNVD	WordPress Plugin WC Shop Sync Cross-Site Scripting Vulnerability	17 Mar 202400:00	–	cnnvd
Cvelist	CVE-2024-27959 WordPress APIExperts Square for WooCommerce plugin <= 4.2.9 - Cross Site Scripting (XSS) vulnerability	17 Mar 202416:27	–	cvelist
EUVD	EUVD-2024-25133	3 Oct 202520:07	–	euvd
NVD	CVE-2024-27959	17 Mar 202417:15	–	nvd
Patchstack	WordPress APIExperts Square for WooCommerce Plugin <= 4.2.9 is vulnerable to Cross Site Scripting (XSS)	13 Mar 202400:00	–	patchstack
Positive Technologies	PT-2024-22163 · Wpexpertsio · Wpexpertsio Wc Shop Sync	17 Mar 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-27959	5 Feb 202503:46	–	redhatcve
Vulnrichment	CVE-2024-27959 WordPress APIExperts Square for WooCommerce plugin <= 4.2.9 - Cross Site Scripting (XSS) vulnerability	17 Mar 202416:27	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (March 11, 2024 to March 17, 2024)	21 Mar 202415:55	–	wordfence

NVD

Vulners

Node

wpexperts wc_shop_syncRange<4.3wordpress

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "woosquare",
    "product": "WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management",
    "vendor": "Wpexpertsio",
    "versions": [
      {
        "changes": [
          {
            "at": "4.3",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "4.2.9",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/woosquare/wordpress-apiexperts-square-for-woocommerce-plugin-4-2-9-cross-site-scripting-xss-vulnerability

28 Apr 2026 19:23Current

8.6High risk

Vulners AI Score8.6

CVSS 3.16.1 - 7.1

EPSS0.00128

SSVC

CWE-79