cleantalk
Vulnerabilities and Security Researches

WooCommerce Attribute Stock – Shared Stock & Quantity Multipliers (Lite Version), e7b38263f0957f4a7f2fb5fffdd87c56a6b32116

CVE, Research URL

e7b38263f0957f4a7f2fb5fffdd87c56a6b32116

Home page URL

Security reports for WooCommerce Attribute Stock – Shared Stock & Quantity Multipliers (Lite Version)

Application

WooCommerce Attribute Stock – Shared Stock & Quantity Multipliers (Lite Version)

Published on
Jul 19, 2023
Research Description
WooCommerce Attribute Stock &#8211; Shared Stock &amp; Variable Quantities (Lite Version) [attribute-stock-for-woocommerce] < 1.3.0 WordPress WooCommerce Attribute Stock - Share Stock Between Products (Lite Version) Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS) Update the WordPress WooCommerce Attribute Stock - Share Stock Between Products (Lite Version) plugin to the latest available version. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress WooCommerce Attribute Stock - Share Stock Between Products (Lite Version) Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.3.0.
Affected versions
max 1.3.0.
Status
vulnerable
Previous vulnerability researches
WooCommerce Attribute Stock &#8211; Shared Stock &amp; Quantity Multipliers (Lite Version) (e7b38263f0957f4a7f2fb5fffdd87c56a6b32116) , Jun 07, 2024
New vulnerability
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
NotificationX &#8211; Best FOMO, Social Proof, WooCommerce Sales Popup &amp; Notification Bar Plugin With Elementor (CVE-2026-27042) , Mar 31, 2026
The Conference (CVE-2026-32335) , Mar 31, 2026
WP Booking System &#8211; Booking Calendar (CVE-2025-68515) , Mar 31, 2026
UPI QR Code Payment Gateway for WooCommerce (CVE-2025-67969) , Mar 31, 2026