3 matches found
CVE-2024-10899
creationtimestamp| type| source ---|---|--- 2024-11-20 06:48:47+00:00| seen| https://infosec.exchange/users/cve/statuses/113513943957082234 2024-11-20 08:43:26+00:00| seen| https://t.me/cvedetector/11564...
CVE-2024-10899
CVE-2024-10899 affects WordPress plugin WooCommerce Product Table Lite up to version 3.8.6. It allows unauthenticated attackers to execute arbitrary shortcodes due to unvalidated input before do_shortcode, and the same id parameter is vulnerable to Reflected XSS. The remediation is to upgrade to ...
CVE-2024-10899 WooCommerce Product Table Lite <= 3.8.6 - Unauthenticated Arbitrary Shortcode Execution & Reflected Cross-Site Scripting
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.6. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it...