3 matches found
CVE-2024-13696
The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wishlistname’ parameter in all versions up to, and including, 1.2.25 due to insufficient input sanitization and output escaping. This makes it...
CVE-2024-13696
creationtimestamp| type| source ---|---|--- 2025-01-29 07:24:38+00:00| seen| https://infosec.exchange/users/cve/statuses/113910446652398317 2025-01-29 08:15:33+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgujowwooz2h 2025-01-29 09:18:17+00:00| seen|...
CVE-2024-13696 Flexible Wishlist for WooCommerce <= 1.2.25 - Unauthenticated Stored Cross-Site Scripting via wishlist_name Parameter
The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wishlistname’ parameter in all versions up to, and including, 1.2.25 due to insufficient input sanitization and output escaping. This makes it...