Vulnerabilities and security researches formoova-for-woocommerce moova-for-woocommerce

Jun 06, 2024

CVE, Research URL: CVE-2021-34664
Home page URL: Security reports for Moova for WooCommerce
Application: Moova for WooCommerce
Date: Aug 17, 2021
Research Description: The Moova for WooCommerce WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the lat parameter in the ~/Checkout/Checkout.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.5.
Affected versions: max 3.8.
Status: vulnerable