2 matches found
CVE-2024-9214 Extra Product Options Builder for WooCommerce <= 1.2.133 - Unauthenticated Stored Cross-Site Scripting
The Extra Product Options Builder for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'RednaoSerializedFields' parameter during the creation of a signature file in all versions up to, and including, 1.2.133 due to insufficient input sanitization and output...
WordPress Extra Product Options Builder for WooCommerce Plugin <= 1.2.133 is vulnerable to Cross Site Scripting (XSS)
Software Extra Product Options Builder for WooCommerce Type Plugin Vulnerable versions = 1.2.133 Fixed in 1.2.134 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9214 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...