Vulnerabilities and security researches forwordlive-livecall-addon-for-woocommerce wordlive-livecall-addon-for-woocommerce

Jun 07, 2024

CVE, Research URL: 47ef347ab4c22d50e841ed3b78a1c4c225ec0026
Home page URL: Security reports for WordLive | Livecall Addon for Woocommerce
Application: WordLive | Livecall Addon for Woocommerce
Date: Jul 18, 2023
Research Description: WordLive | Livecall Addon for Woocommerce [wordlive-livecall-addon-for-woocommerce] <= 1.2.1 (unfixed) WordPress ï»¿ WordLive | Livecall Addon for Woocommerce Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS) No patched version available. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress ï»¿ WordLive | Livecall Addon for Woocommerce Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.
Affected versions: max 1.2.1.
Status: vulnerable