PT-2025-39600 · Webmaniabr +1 · Nota Fiscal Eletrônica Woocommerce +1

Nabil Irawan

Published

2025-09-26

Updated

2025-09-26

CVE-2025-60158

CVSS v3.1

5.9

Vector

AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

**Name of the Vulnerable Software and Affected Versions**

webmaniabr Nota Fiscal Eletrônica WooCommerce versions through 3.4.0.6

**Description**

The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting issue. This allows for Stored XSS attacks. The affected component is susceptible to malicious code injection through web pages.

**Recommendations**

Update webmaniabr Nota Fiscal Eletrônica WooCommerce to a version later than 3.4.0.6.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-60158

Affected Products

Nota Fiscal Eletrônica Woocommerce

Woocommerce

PT-2025-39600 · Webmaniabr +1 · Nota Fiscal Eletrônica Woocommerce +1

Weakness Enumeration

Related Identifiers

Affected Products

References · 3