WordPress Plugin Vulnerabilities

Advance Search for WooCommerce < 1.1 - Multiple XSS

Description

The Advance Search for WooCommerce WordPress plugin was affected by a Multiple XSS security vulnerability.

Affects Plugins

Plugin icon
woo-advance-search
Fixed in 1.1

References

CVE
CVE-2018-11486
CVE
CVE-2018-11485

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Verified
No
WPVDB ID
591674e3-3d8d-42f1-8c25-3a648802aa2a

Timeline

Publicly Published
2018-06-04 (about 7 years ago)
Added
2019-08-24 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2024-10-31
Title
Media Modal <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2015-04-20
Title
Two Factor Authentication < 1.1.10 - XSS
Published
2025-01-16
Title
DsgnWrks Twitter Importer <= 1.1.4 - Reflected Cross-Site Scripting
Published
2025-04-10
Title
Raptive Ads < 3.7.4 - Reflected Cross-Site Scripting
Published
2024-06-06
Title
Idyllic < 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting