WordPress Plugin Vulnerabilities

WooCommerce <= 2.2.2 - Reflected Cross-Site Scripting (XSS)

Description

The WooCommerce WordPress plugin was affected by a Reflected Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
woocommerce
Fixed in 2.2.3

References

CVE
CVE-2014-6313
URL
https://seclists.org/fulldisclosure/2014/Sep/59

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
1c0eced1-f1ff-475b-ba41-2d821bec5094

Timeline

Publicly Published
2014-09-17 (about 11 years ago)
Added
2014-12-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2024-09-09
Title
Community by PeepSo – Social Network, Membership, Registration, User Profiles < 6.4.6.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via content Parameter
Published
2023-02-06
Title
eCommerce Product Catalog < 3.3.5 - Admin+ Stored XSS
Published
2025-03-31
Title
Gallery – Photo Albums Plugin <= 1.3.170 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2022-12-21
Title
WP Attachments < 5.0.6 - Admin+ Stored XSS
Published
2021-08-16
Title
WordPress Advanced Ticket System < 1.0.64 - Authenticated Stored Cross-Site Scripting (XSS)