cleantalk
Vulnerabilities and Security Researches

Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, CVE-2022-2090

CVE, Research URL

CVE-2022-2090

Home page URL

Security reports for Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts

Application

Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts

Published on
Jul 17, 2022
Research Description
The Discount Rules for WooCommerce WordPress plugin before 2.4.2 does not escape a parameter before outputting it back in an attribute of the plugin's discount rule page, leading to Reflected Cross-Site Scripting
Affected versions
Min -, max 2.2.1.
Status
vulnerable
Previous vulnerability researches
Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts (CVE-2020-36834) , May 07, 2025
Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts (CVE-2022-2090) , Jun 07, 2024
Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts (CVE-2024-8541) , Oct 16, 2024
Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts (990b5399af40307881e6b85b4657b12b43e1bc31) , Jun 07, 2024
New vulnerability
Frontend Dashboard (CVE-2025-4104) , May 08, 2025
Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce (CVE-2025-0671) , May 08, 2025
Pods – Custom Content Types and Fields (CVE-2025-1446) , May 08, 2025
WP-Recall – Registration, Profile, Commerce & More (CVE-2024-9771) , May 08, 2025
WordPress Tag and Category Manager – AI Autotagger (CVE-2025-0627) , May 08, 2025