WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WooCommerce 1.7.9 and earlier versions have a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in its Custom Product Tabs. The vulnerability is caused by the lack of effective filtering and escaping of user-supplied data in the Custom Product Tabs, which can be exploited to inject cross-site code and launch XSS attacks.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress1 woocommerce plugin | le | 1.7.9 |