CVE-2021-38340

The WordPress Simple Shop plugin for WordPress (versions up to 1.2) is vulnerable to Reflected Cross-Site Scripting via the update_row parameter in the file ~/includes/add_product.php, allowing attackers to inject arbitrary scripts. Multiple connected documents corroborate this, stating the vulne...