EUVD-2024-41489

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Improper neutralization of input leads to reflected Cross-site Scripting in WooCommerce Product Slider.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-45459	15 Sep 202410:55	–	circl
CNNVD	WordPress plugin Product Slider for WooCommerce 跨站脚本漏洞	15 Sep 202400:00	–	cnnvd
CVE	CVE-2024-45459	15 Sep 202407:41	–	cve
Cvelist	CVE-2024-45459 WordPress Product Slider for WooCommerce by PickPlugins plugin <= 1.13.50 - Reflected Cross Site Scripting (XSS) vulnerability	15 Sep 202407:41	–	cvelist
NVD	CVE-2024-45459	15 Sep 202408:15	–	nvd
Patchstack	WordPress Product Slider for WooCommerce Plugin <= 1.13.50 is vulnerable to Cross Site Scripting (XSS)	12 Sep 202400:00	–	patchstack
Patchstack	WordPress Product Slider for WooCommerce by PickPlugins plugin <= 1.13.50 - Reflected Cross Site Scripting (XSS) vulnerability	12 Sep 202407:06	–	patchstack
Positive Technologies	PT-2024-31649 · Pickplugins · Pickplugins Product Slider For Woocommerce	15 Sep 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-45459	5 Feb 202503:40	–	redhatcve
Vulnrichment	CVE-2024-45459 WordPress Product Slider for WooCommerce by PickPlugins plugin <= 1.13.50 - Reflected Cross Site Scripting (XSS) vulnerability	15 Sep 202407:41	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "d00ce9a9-6281-34d2-b572-f593fd84cf63",
        "vendor": {
          "name": "PickPlugins"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "7c82e86f-d910-3ff2-83fa-3a3824b95ae0",
        "product": {
          "name": "Product Slider for WooCommerce"
        },
        "product_version": "n/a ≤1.13.50"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/woocommerce-products-slider/wordpress-product-slider-for-woocommerce-by-pickplugins-plugin-1-13-50-reflected-cross-site-scripting-xss-vulnerability

03 Oct 2025 20:07Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.16.1 - 7.1

EPSS0.0034

SSVC