Vulnerabilities and security researches forcustom-product-builder-for-woocommerce custom-product-builder-for-woocommerce

Jun 07, 2024

CVE, Research URL: 268f00f8fc78886d3f1f5c01ed12f1b18105d331
Home page URL: Security reports for Custom Product Builder – Designer and Order Customized
Application: Custom Product Builder – Designer and Order Customized
Date: Jul 18, 2023
Research Description: Custom Product Builder – Designer and Order Customized [custom-product-builder-for-woocommerce] < 1.0.5 WordPress Custom Product Builder For WooCommerce Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS) Update the WordPress Custom Product Builder For WooCommerce plugin to the latest available version (at least 1.0.5). Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Custom Product Builder For WooCommerce Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.0.5.
Affected versions: max 1.0.5.
Status: vulnerable