cleantalk
Vulnerabilities and Security Researches

WooCommerce, 0b51f01a-24d9-4101-bdcf-728b21efc5ed

CVE, Research URL

0b51f01a-24d9-4101-bdcf-728b21efc5ed

Home page URL

Security reports for WooCommerce

Application

WooCommerce

Published on
-
Research Description
WooCommerce [woocommerce] < 8.4.0 WooCommerce &lt; 8.4.0 - Reflected Cross-Site Scripting The plugin does not properly sanitize user-input provided by the add_query_arg() function when echoed back into JavaScript code context.
Affected versions
max 8.4.0.
Status
vulnerable
Previous vulnerability researches
Posts List Designer by Category &#8211; List Category Posts Or Recent Posts (CVE-2024-13362) , May 03, 2026
Posts List Designer by Category &#8211; List Category Posts Or Recent Posts (067b21bad31febc63c1cd2b3a0a852869e1df9cc) , Jun 06, 2024
Posts List Designer by Category &#8211; List Category Posts Or Recent Posts (CVE-2022-4749) , Jun 06, 2024
Posts List Designer by Category &#8211; List Category Posts Or Recent Posts (e7273a52d37b10c428e20c81e144ab0d172f52c8) , Jun 16, 2026
Posts List Designer by Category &#8211; List Category Posts Or Recent Posts (CVE-2024-23502) , Jun 06, 2024
New vulnerability
MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance (1d55a989b0f961e994aae432abe19f9c12b4dad5) , Jun 16, 2026
MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance (18b73427c6ab0cb40bbca65611517a8bcc3cbc53) , Jun 16, 2026
MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance (9b248cecab4abd7f6880563d1e52efa6690ccf7e) , Jun 16, 2026
MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance (e9bce607-21bb-4ebd-af90-dcacb73f77c9) , Jun 16, 2026
Intuitive Custom Post Order (fb854943a69160d6e51117be558eee05e1b4c200) , Jun 16, 2026