3 matches found
CVE-2024-2838
The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'woococomponents0name' parameter in all versions up to, and including, 7.2.7 due to insufficient input sanitization and output escaping and missing authorization on the...
WordPress WPC Composite Products for WooCommerce Plugin <= 7.2.7 is vulnerable to Cross Site Scripting (XSS)
Software WPC Composite Products for WooCommerce Type Plugin Vulnerable versions = 7.2.7 Fixed in 7.2.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2838 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c5256a4c7c7a...
CVE-2024-2838
The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'woococomponents0name' parameter in all versions up to, and including, 7.2.7 due to insufficient input sanitization and output escaping and missing authorization on the...