Vulnerabilities and security researches forwc-return-product wc-return-product

Nov 10, 2025

CVE, Research URL: CVE-2025-59004
Home page URL: Security reports for WC Return products
Application: WC Return products
Date: Oct 22, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pco_58 WC Return products wc-return-product allows Reflected XSS.This issue affects WC Return products: from n/a through <= 1.5.
Affected versions: max 1.5.
Status: vulnerable