12 matches found
VulnCheck KEV: CVE-2026-25455
Missing Authorization vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Slider for WooCommerce: from n/a through = 1.13.61...
CVE-2026-25455
Missing Authorization vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Slider for WooCommerce: from n/a through = 1.13.61...
EUVD-2026-15734
Missing Authorization vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Slider for WooCommerce: from n/a through = 1.13.60...
PT-2026-27951
Name of the Vulnerable Software and Affected Versions PickPlugins Product Slider for WooCommerce versions through 1.13.60 Description The software contains a flaw related to incorrectly configured access control security levels, leading to a missing authorization issue. This allows for potential...
CVE-2024-45459
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Reflected XSS.This issue affects Product Slider for WooCommerce: from n/a through = 1.13.50...
CVE-2024-45459
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Reflected XSS.This issue affects Product Slider for WooCommerce: from n/a through = 1.13.50...
CVE-2024-45459
CVE-2024-45459 concerns the WordPress plugin Product Slider for WooCommerce by PickPlugins, affected versions 1.13.50 and earlier. The issue is a Reflected Cross-Site Scripting (XSS) vulnerability arising from improper input neutralization during web page generation, enabling attacker-supplied sc...
PT-2024-31649 · Pickplugins · Pickplugins Product Slider For Woocommerce
Name of the Vulnerable Software and Affected Versions: PickPlugins Product Slider for WooCommerce versions 1.13.50 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS,...
WordPress PickPlugins Product Slider for WooCommerce Cross-Site Scripting Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WooCommerce WordPress plugin for PickPlugins Product slider...
Cross site scripting
The slider import search feature of the PickPlugins Product Slider for WooCommerce WordPress plugin before 1.13.22 did not properly sanitised the keyword GET parameter, leading to reflected Cross-Site Scripting issue...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WooCommerce WordPress plugin for PickPlugins Product slider...
PickPlugins Product Slider for WooCommerce < 1.13.22 - Reflected Cross-Site Scripting (XSS)
The slider import search feature of the plugin settings did not properly sanitised the keyword GET parameter, leading to reflected Cross-Site Scripting issue PoC https://example.com/wp-admin/edit.php?posttype=wcps=importlayouts="onmouseover=alert1;//...