Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/04/25 11:4 p.m.16 views

CVE-2025-39579

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows DOM-Based XSS.This issue affects Membership For WooCommerce: from n/a through = 2.8.0...

6.5CVSS7.2AI score0.00277EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/16 1:57 p.m.11 views

WordPress Membership For WooCommerce plugin <= 2.8.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin Membership For WooCommerce versions = 2.8.0...

6.5CVSS7.2AI score0.00277EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/04/16 12:44 p.m.21 views

CVE-2025-39579 WordPress Membership For WooCommerce plugin <= 2.8.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows DOM-Based XSS.This issue affects Membership For WooCommerce: from n/a through = 2.8.0...

6.5CVSS0.00277EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 12:44 p.m.51 views

CVE-2025-39579

CVE-2025-39579 is a DOM-based XSS in WordPress plugin Membership For WooCommerce (versions up to 2.8.0). The vulnerability arises from improper input neutralization during web page generation and is exploitable by an authenticated user with low privileges, requiring user interaction. CVSS v3.1 ba...

6.5CVSS7.2AI score0.00277EPSS
Exploits0References1
Rows per page
Query Builder