PT-2026-4055 · WordPress · Gls Shipping For Woocommerce
Published
2026-01-22
·
Updated
2026-01-25
·
CVE-2025-68011
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
GLS Shipping for WooCommerce versions through 1.4.0
Description
The software contains a flaw related to improper input handling during web page generation, which can lead to Reflected Cross-Site Scripting (XSS). This allows an attacker to inject malicious scripts into web pages viewed by other users. The vulnerability exists in GLS Shipping for WooCommerce.
Recommendations
Update GLS Shipping for WooCommerce to a version newer than 1.4.0.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gls Shipping For Woocommerce