Persistent XSS in the WooCommerce Subscriptions plugin prior to 2.6.3 for WordPress allows remote malicious users to execute arbitrary JavaScript because Billing Details are mishandled in WCS_Admin_Post_Types in class-wcs-admin-post-types.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
woocommerce subscriptions |