196 matches found
CVE-2025-48254
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Change Add to Cart Button Text for WooCommerce add-to-cart-button-labels-for-woocommerce allows Stored XSS.This issue affects Change Add to Cart Button Text for WooCommerce: from n/a...
CVE-2025-48253
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Free Shipping Bar: Amount Left for Free Shipping for WooCommerce allows Stored XSS. This issue affects Free Shipping Bar: Amount Left for Free Shipping for WooCommerce: from n/a through...
CVE-2025-48254
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Change Add to Cart Button Text for WooCommerce add-to-cart-button-labels-for-woocommerce allows Stored XSS.This issue affects Change Add to Cart Button Text for WooCommerce: from n/a...
CVE-2025-48253
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Free Shipping Bar: Amount Left for Free Shipping for WooCommerce amount-left-free-shipping-woocommerce allows Stored XSS.This issue affects Free Shipping Bar: Amount Left for Free Shippin...
CVE-2025-48252
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS. This issue affects Back Button Widget: from n/a through 1.6.8...
CVE-2025-48252
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget back-button-widget allows Stored XSS.This issue affects Back Button Widget: from n/a through = 1.6.8...
CVE-2025-48249
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Stored XSS.This issue affects EAN for WooCommerce: from n/a through = 5.4.6...
CVE-2025-48250
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Coupons & Add to Cart by URL Links for WooCommerce url-coupons-for-woocommerce-by-algoritmika allows Stored XSS.This issue affects Coupons & Add to Cart by URL Links for WooCommerce: from...
CVE-2025-48248
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Sitewide Discount for WooCommerce: Apply Discount to All Products global-shop-discount-for-woocommerce allows Stored XSS.This issue affects Sitewide Discount for WooCommerce: Apply Discou...
CVE-2025-48251
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Additional Custom Emails & Recipients for WooCommerce custom-emails-for-woocommerce allows Stored XSS.This issue affects Additional Custom Emails & Recipients for WooCommerce: from n/a...
CVE-2025-48239
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Product Notes Tab & Private Admin Notes for WooCommerce product-notes-for-woocommerce allows Stored XSS.This issue affects Product Notes Tab & Private Admin Notes for WooCommerce: from n/...
CVE-2025-48240
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Cost of Goods for WooCommerce cost-of-goods-for-woocommerce allows Stored XSS.This issue affects Cost of Goods for WooCommerce: from n/a through = 3.7.0...
CVE-2025-48254 WordPress Change Add to Cart Button Text for WooCommerce plugin <= 2.2.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Change Add to Cart Button Text for WooCommerce add-to-cart-button-labels-for-woocommerce allows Stored XSS.This issue affects Change Add to Cart Button Text for WooCommerce: from n/a...
CVE-2025-48254
CVE-2025-48254 affects the WordPress plugin Change Add to Cart Button Text for WooCommerce. Connected sources confirm an improper input neutralization leading to a stored XSS vulnerability in web page generation, applicable to versions n/a through 2.2.2. Public details list CVSS metrics (several ...
CVE-2025-48251 WordPress Additional Custom Emails & Recipients for WooCommerce plugin <= 3.5.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Additional Custom Emails & Recipients for WooCommerce custom-emails-for-woocommerce allows Stored XSS.This issue affects Additional Custom Emails & Recipients for WooCommerce: from n/a...
CVE-2025-48250
CVE-2025-48250 affects the WPFactory Coupons & Add to Cart by URL Links for WooCommerce plugin (versions up to and including 1.7.7). Root cause: improper neutralization of input during web page generation, enabling stored XSS. Severity: CVSS 3.1 base score 6.5 (Medium); impact: confidentiality, i...
CVE-2025-48248 WordPress Sitewide Discount for WooCommerce: Apply Discount to All Products plugin <= 2.2.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Sitewide Discount for WooCommerce: Apply Discount to All Products global-shop-discount-for-woocommerce allows Stored XSS.This issue affects Sitewide Discount for WooCommerce: Apply Discou...
CVE-2025-48239 WordPress Product Notes Tab & Private Admin Notes for WooCommerce <= 3.1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Product Notes Tab & Private Admin Notes for WooCommerce allows Stored XSS. This issue affects Product Notes Tab & Private Admin Notes for WooCommerce: from n/a through 3.1.0...
PT-2025-21962 · WordPress · Wpfactory Coupons & Add To Cart By Url Links For Woocommerce
Name of the Vulnerable Software and Affected Versions: WPFactory Coupons & Add to Cart by URL Links for WooCommerce versions 1.7.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS...
CVE-2025-47504
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Custom Checkout Fields for WooCommerce custom-checkout-fields-for-woocommerce allows Stored XSS.This issue affects Custom Checkout Fields for WooCommerce: from n/a through = 1.8.3...