PT-2026-40617 · Husky · Husky – Products Filter For Woocommerce Professional

Shahab.Ra.9

Publicado

2026-05-13

Atualizado

2026-05-13

CVE-2020-37174

CVSS v3.1

5.5

Média

Vetor

AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

WOOF Products Filter for WooCommerce 1.2.3 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering XSS payloads in design tab textfields. Attackers can inject JavaScript code through fields like 'Text for block toggle' and 'Custom front css styles' that executes on frontend pages when saved, affecting all site visitors.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2020-37174

Produtos afetados

Husky – Products Filter For Woocommerce Professional

PT-2026-40617 · Husky · Husky – Products Filter For Woocommerce Professional

CVE-2020-37174

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5