CVE-2024-43127

Name of the Vulnerable Software and Affected Versions WPFactory Products, Order & Customers Export for WooCommerce versions 2.0.11 and earlier

Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Reflected XSS attacks.

Recommendations For versions 2.0.11 and earlier, update to a version later than 2.0.11 to resolve the issue. As a temporary workaround, consider restricting access to sensitive web page generation functionality until a patch is available.