WordPress Plugin Vulnerabilities

Variation Swatches for WooCommerce < 2.1.2 - Subscriber+ Stored Cross-Site Scripting

Description

The plugin does not have authorisation and CSRF checks in the tawcvs_save_settings, update_attribute_type_setting and update_product_attr_type AJAX actions, allowing any authenticated users to call them. The tawcvs_save_settings could especially be used to update the plugin’s settings and add XSS payloads

Affects Plugins

Plugin icon
variation-swatches-for-woocommerce
Fixed in 2.1.2

References

CVE
CVE-2021-42367
URL
https://www.wordfence.com/blog/2021/12/xss-vulnerability-patched-in-plugin-designed-to-enhance-woocommerce/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
8.0 (high)

Miscellaneous

Original Researcher
Chloe Chamberland (Wordfence)
Verified
Yes
WPVDB ID
25ad93fa-aa70-4ca4-b50a-4f0aeac4e975

Timeline

Publicly Published
2021-12-01 (about 4 years ago)
Added
2021-12-01 (about 4 years ago)
Last Updated
2022-04-11 (about 3 years ago)

Other

Published
Title
Published
2024-04-24
Title
Interactive World Maps < 2.5 - Reflected Cross-Site Scripting
Published
2025-01-30
Title
Frictionless <= 0.0.23 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2025-12-31
Title
Page Title Splitter <= 2.5.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2024-05-15
Title
Post and Page Builder by BoldGrid – Visual Drag and Drop Editor < 1.26.5 - Authenticated (Contributer+) Stored Cross-Site Scripting
Published
2024-09-23
Title
AnWP Football Leagues < 0.16.8 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload