CVE-2025-62957

Cross-Site Request Forgery CSRF vulnerability in NikanWP NikanWP WooCommerce Reporting wc-reports-lite allows Stored XSS.This issue affects NikanWP WooCommerce Reporting: from n/a through = 1.0.0...

PT-2025-43831

Cross-Site Request Forgery CSRF vulnerability in NikanWP NikanWP WooCommerce Reporting wc-reports-lite allows Stored XSS.This issue affects NikanWP WooCommerce Reporting: from n/a through = 1.0.0...

CURCY < 2.1.18 - Reflected Cross-Site Scripting

The plugin does not escape some generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/admin.php?page=wc-reports&a"alert/XSS/...

Cross-site Scripting (XSS)

woocommerce is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary webscript through the range parameter in the wc-reports page...

Cross-Site Scripting (XSS)

woocommerce is vulnerable to cross-site scripting XSS attacks. The attacks can be launched because wp-admin/admin.php does not sanitize the QUERYSTRING in the wc-reports page...

WordPress plugin WooCommerce cross-site scripting vulnerability (CNVD-2015-01281)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.WooCommerce is one of the e-commerce plug-ins. A cross-site scripting vulnerability exists in WordPress WooCommerce...

Cross site scripting

Cross-site scripting XSS vulnerability in the WooCommerce plugin before 2.2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the range parameter on the wc-reports page to wp-admin/admin.php...