3 matches found
CVE-2021-42367
creationtimestamp| type| source ---|---|--- 2021-12-14 18:15:31+00:00| seen| https://t.me/cibsecurity/33941...
CVE-2021-42367 Variation Swatches for WooCommerce <= 2.1.1 Authenticated Stored Cross-Site Scripting
The Variation Swatches for WooCommerce WordPress plugin is vulnerable to Stored Cross-Site Scripting via several parameters found in the /includes/class-menu-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.1. Due to missing authorization...
CVE-2021-42367
The CVE-2021-42367 entry concerns the WordPress Variation Swatches for WooCommerce plugin. A Stored Cross-Site Scripting (XSS) flaw exists in versions up to 2.1.1, triggered via multiple parameters in the includes/class-menu-page.php file. The vulnerability arises from missing authorization check...