cleantalk
Vulnerabilities and Security Researches

Variation Swatches for WooCommerce Stores, 521fdafe4937e90fe8246db23456daaf9e76dcf7

CVE, Research URL

521fdafe4937e90fe8246db23456daaf9e76dcf7

Home page URL

Security reports for Variation Swatches for WooCommerce Stores

Application

Variation Swatches for WooCommerce Stores

Published on
Jul 18, 2023
Research Description
Variation Swatches for WooCommerce Stores [enweby-variation-swatches-for-woocommerce] < 1.0.4 WordPress Variation Swatches for WooCommerce Stores Plugin < 1.0.4 is vulnerable to Cross Site Scripting (XSS) Update the WordPress Variation Swatches for WooCommerce Stores plugin to the latest available version (at least 1.0.4). Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Variation Swatches for WooCommerce Stores Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.0.4.
Affected versions
max 1.0.4.
Status
vulnerable
Previous vulnerability researches
Variation Swatches for WooCommerce Stores (521fdafe4937e90fe8246db23456daaf9e76dcf7) , Jun 07, 2024
Variation Swatches for WooCommerce (CVE-2021-42367) , Jun 07, 2024
Variation Swatches for WooCommerce (CVE-2021-42367) , Jun 07, 2024
New vulnerability
Security & Malware scan by CleanTalk , Apr 03, 2026
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
NotificationX &#8211; Best FOMO, Social Proof, WooCommerce Sales Popup &amp; Notification Bar Plugin With Elementor (CVE-2026-27042) , Mar 31, 2026
The Conference (CVE-2026-32335) , Mar 31, 2026
WP Booking System &#8211; Booking Calendar (CVE-2025-68515) , Mar 31, 2026