cleantalk
Vulnerabilities and Security Researches

HUSKY – Products Filter for WooCommerce Professional, CVE-2020-37174

CVE, Research URL

CVE-2020-37174

Home page URL

Security reports for HUSKY – Products Filter for WooCommerce Professional

Application

HUSKY – Products Filter for WooCommerce Professional

Published on
May 13, 2026
Research Description
WOOF Products Filter for WooCommerce 1.2.3 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering XSS payloads in design tab textfields. Attackers can inject JavaScript code through fields like 'Text for block toggle' and 'Custom front css styles' that executes on frontend pages when saved, affecting all site visitors.
Affected versions
max 1.2.3.
Status
vulnerable
Previous vulnerability researches
MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) (CVE-2026-5371) , May 13, 2026
MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) (CVE-2022-3904) , Jun 07, 2024
MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) (CVE-2023-0081) , Jun 07, 2024
MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) (CVE-2014-9174) , Jun 07, 2024
MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) (CVE-2023-23999) , Jun 07, 2024
New vulnerability
Media Sync (CVE-2026-6670) , May 15, 2026
Royal Elementor Addons and Templates (CVE-2026-6504) , May 15, 2026
Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress (CVE-2026-7619) , May 15, 2026
HUSKY – Products Filter for WooCommerce Professional (CVE-2020-37174) , May 15, 2026
Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder (CVE-2026-6828) , May 15, 2026