Cross-site scripting (XSS) vulnerability in the WooCommerce plugin prior to 2.2.3 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the range parameter on the wc-reports page to wp-admin/admin.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
woothemes woocommerce plugin 2.1.1 |
||
woothemes woocommerce plugin 2.1.11 |
||
woothemes woocommerce plugin 2.1.2 |
||
woothemes woocommerce plugin 2.1.7 |
||
woothemes woocommerce plugin 2.1.9 |
||
woothemes woocommerce plugin 2.1.3 |
||
woothemes woocommerce plugin 2.1.4 |
||
woothemes woocommerce plugin 2.1.5 |
||
woothemes woocommerce plugin 2.1.6 |
||
woothemes woocommerce plugin 2.1.0 |
||
woothemes woocommerce plugin 2.2.1 |
||
woothemes woocommerce plugin |
||
woothemes woocommerce plugin 2.1.10 |
||
woothemes woocommerce plugin 2.1.12 |
||
woothemes woocommerce plugin 2.1.8 |
||
woothemes woocommerce plugin 2.2.0 |