Skip to main content

Advanced Product Labels For Woocommerce

1 CVEs product

Monthly

CVE-2022-0399 MEDIUM POC PATCH This Month

The Advanced Product Labels for WooCommerce WordPress plugin before 1.2.3.7 does not sanitise and escape the tax_color_set_type parameter before outputting it back in the berocket_apl_color_listener. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS WordPress Advanced Product Labels For Woocommerce
NVD WPScan
CVSS 3.1
6.1
EPSS
0.9%
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

The Advanced Product Labels for WooCommerce WordPress plugin before 1.2.3.7 does not sanitise and escape the tax_color_set_type parameter before outputting it back in the berocket_apl_color_listener. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS WordPress Advanced Product Labels For Woocommerce
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy