Product Addons & Fields For Woocommerce Security Vulnerabilities and Issues — Product Addons & Fields For Woocommerce CVE List

Lucene search

ThemeisleProduct Addons & Fields For Woocommerce

2 matches found

CVE•added 2023/05/30 8:15 a.m.•44 views

CVE-2023-2256

The Product Addons & Fields for WooCommerce WordPress plugin before 32.0.7 does not sanitize and escape some URL parameters, leading to Reflected Cross-Site Scripting.

6.1CVSS6.4AI score0.15096EPSS

CVE•added 2023/05/15 1:15 p.m.•39 views

CVE-2023-1839

The Product Addons & Fields for WooCommerce WordPress plugin before 32.0.6 does not sanitize and escape some of its setting fields, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example...

4.8CVSS5AI score0.00071EPSS