Laposta WooCommerce, CVE-2025-49434

CVE, Research URL: CVE-2025-49434
Home page URL: Security reports for Laposta WooCommerce
Application: Laposta WooCommerce
Published on: Aug 20, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in stijnvanderree Laposta WooCommerce allows Stored XSS. This issue affects Laposta WooCommerce: from n/a through 1.9.1.
Affected versions: Min -, max 1.9.1.
Status: vulnerable