Vulnerabilities and security researches forenweby-variation-swatches-for-woocommerce enweby-variation-swatches-for-woocommerce

Jun 07, 2024

CVE, Research URL: 521fdafe4937e90fe8246db23456daaf9e76dcf7
Home page URL: Security reports for Variation Swatches for WooCommerce Stores
Application: Variation Swatches for WooCommerce Stores
Date: Jul 18, 2023
Research Description: Variation Swatches for WooCommerce Stores [enweby-variation-swatches-for-woocommerce] < 1.0.4 WordPress Variation Swatches for WooCommerce Stores Plugin < 1.0.4 is vulnerable to Cross Site Scripting (XSS) Update the WordPress Variation Swatches for WooCommerce Stores plugin to the latest available version (at least 1.0.4). Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Variation Swatches for WooCommerce Stores Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.0.4.
Affected versions: max 1.0.4.
Status: vulnerable