CVE-2024-13413 ProductDyno <= 1.0.24 - Reflected Cross-Site Scripting via 'res' Parameter

The ProductDyno plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘res’ parameter in all versions up to, and including, 1.0.24 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...

CVE-2025-22320

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ProductDyno ProductDyno productdyno allows Reflected XSS.This issue affects ProductDyno: from n/a through = 1.0.24...

CVE-2025-22320

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ProductDyno ProductDyno productdyno allows Reflected XSS.This issue affects ProductDyno: from n/a through = 1.0.24...

CVE-2025-22320

CVE-2025-22320 refers to a Reflected XSS in the ProductDyno WordPress plugin. Public details across connected documents indicate the issue affects ProductDyno versions up to 1.0.24, with attack surface involving input handling during web page generation. Red Hat's CVE entry (CVE-2024-13413) expli...

CVE-2025-22320 WordPress ProductDyno plugin <= 1.0.24 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ProductDyno ProductDyno allows Reflected XSS.This issue affects ProductDyno: from n/a through 1.0.24...