cleantalk
Vulnerabilities and Security Researches

ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks, 017045168c64e0e4ed8e001360b529fe2937085e

CVE, Research URL

017045168c64e0e4ed8e001360b529fe2937085e

Home page URL

Security reports for ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks

Application

ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks

Published on
May 22, 2022
Research Description
ProductX – WooCommerce Builder &amp; Gutenberg WooCommerce Blocks [product-blocks] < 3.0.0 ProductX – Gutenberg WooCommerce Blocks – WooCommerce Builder, Wishlist for WooCommerce, Products Comparison, Quick View, Online Store – All in One Solution <= 2.2.5 - Multiple Cross-Site Scripting ProductX – Gutenberg WooCommerce Blocks – WooCommerce Builder, Wishlist for WooCommerce, Products Comparison, Quick View, Online Store – All in One Solution in versions up to and including 2.2.5 is vulnerable to Cross-Site Scripting due to insufficient sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
Min -, max 3.0.0.
Status
vulnerable
Previous vulnerability researches
ProductX – WooCommerce Builder &amp; Gutenberg WooCommerce Blocks (CVE-2023-45271) , Jun 10, 2024
ProductX – WooCommerce Builder &amp; Gutenberg WooCommerce Blocks (CVE-2024-23512) , Jun 07, 2024
ProductX – WooCommerce Builder &amp; Gutenberg WooCommerce Blocks (017045168c64e0e4ed8e001360b529fe2937085e) , Jun 07, 2024
ProductX – WooCommerce Builder &amp; Gutenberg WooCommerce Blocks (CVE-2025-39571) , Apr 18, 2025
Product Blocks for WooCommerce (CVE-2025-22674) , Feb 06, 2025
New vulnerability
WP Simple Booking Calendar (CVE-2025-39541) , Apr 20, 2025
WordPress Job Board and Recruitment Plugin &#8211; JobWP (CVE-2025-2010) , Apr 20, 2025
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025