PT-2024-35849 · WordPress · Woocommerce Ultimate Gift Card
Bonds
·
Published
2024-12-02
·
Updated
2024-12-02
·
CVE-2024-53740
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates versions up to 2.9.0
Description
The issue is related to improper neutralization of input during web page generation, allowing reflected Cross-site Scripting (XSS). This enables remote attacks.
Recommendations
For versions up to 2.9.0, upgrade the affected plugin immediately to mitigate risks.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Woocommerce Ultimate Gift Card