CVE-2024-1796

The HUSKY – Products Filter for WooCommerce Professional plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'woof' shortcode in all versions up to, and including, 1.3.5.1 due to insufficient input sanitization and output escaping on user supplied attributes such as...

PT-2024-18313 · WordPress · Husky – Products Filter For Woocommerce Professional

Name of the Vulnerable Software and Affected Versions: HUSKY – Products Filter for WooCommerce Professional plugin for WordPress versions up to, and including, 1.3.5.2 Description: The issue allows authenticated attackers with contributor-level access and above to perform SQL Injection via the na...