← Back

Woocommerce Products Filter

woocommerce_products_filter

Vendor: Pluginus • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-11400
1Pluginus
1Woocommerce Products Filter
Nov 25, 2024
Nov 19, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the really_curr_tax parameter in all versions up to, and including, 1.3.6.3 due to insuffi...Show more
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the really_curr_tax parameter in all versions up to, and including, 1.3.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.Show less
CVE-2021-25085
1Pluginus
1Woocommerce Products Filter
Nov 21, 2024
Feb 1, 2022
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The WOOF WordPress plugin before 1.2.6.3 does not sanitise and escape the woof_redraw_elements before outputing back in an admin page, leading to a Reflected Cross-Site Scripting