cleantalk
Vulnerabilities and Security Researches

WooCommerce Shipping & Tax, d6228e99d68810fc638ec1e0c7ddcc9b649a8527

Published on
May 24, 2023
Research Description
WooCommerce Shipping &amp; Tax [woocommerce-services] < 2.2.5 WordPress WooCommerce Shipping & Tax Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS) Update the WordPress WooCommerce Shipping & Tax plugin to the latest available version (at least 2.2.5). Unknown discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress WooCommerce Shipping & Tax Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 2.2.5.
Affected versions
Min -, max 2.2.5.
Status
vulnerable