0.001 Low
EPSS
Percentile
31.5%
woocommerce/woocommerce is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary Javascript into a victim’s browser via the Photoswipe caption parameter.
woocommerce.wordpress.com/2019/02/20/woocommerce-3-5-5-security-fix-release/