cleantalk
Vulnerabilities and Security Researches

Serial Codes Generator and Validator with WooCommerce Support, CVE-2023-4376

CVE, Research URL

CVE-2023-4376

Home page URL

Security reports for Serial Codes Generator and Validator with WooCommerce Support

Application

Serial Codes Generator and Validator with WooCommerce Support

Published on
Sep 20, 2023
Research Description
The Serial Codes Generator and Validator with WooCommerce Support WordPress plugin before 2.4.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions
Min -, max 2.4.15.
Status
vulnerable
Previous vulnerability researches
Serial Codes Generator and Validator with WooCommerce Support (CVE-2025-30854) , Apr 03, 2025
Serial Codes Generator and Validator with WooCommerce Support (CVE-2023-4376) , Jun 07, 2024
Serial Codes Generator and Validator with WooCommerce Support (ba6efb0a623380b705452ba37eb8f74b11aae946) , Jun 07, 2024
New vulnerability
Woo Product Feed For Marketing Channels (CVE-2025-31377) , Apr 10, 2025
Easy custom css by webriti (CVE-2025-31395) , Apr 10, 2025
Checkout Mestres WP (CVE-2025-32695) , Apr 10, 2025
Request Call Back (CVE-2025-32483) , Apr 10, 2025
QR Master (CVE-2025-32116) , Apr 10, 2025