4 matches found
EUVD-2025-12328
Malicious code in bioql PyPI...
CVE-2025-3814
The Tax Switch for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class-name’ parameter in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-3814
CVE-2025-3814 affects the Tax Switch for WooCommerce WordPress plugin. A stored cross-site scripting vulnerability exists in the class-name parameter in all versions up to and including 1.4.2 due to insufficient input sanitization and output escaping. Exploitation requires authentication at Contr...
CVE-2025-3814 Tax Switch for WooCommerce <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via class-name Parameter
The Tax Switch for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class-name’ parameter in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...