The slider import search feature of the PickPlugins Product Slider for WooCommerce WordPress plugin before 1.13.22 did not properly sanitised the keyword GET parameter, leading to reflected Cross-Site Scripting issue
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NPickplugins Product Slider For Woocommerce
APPPickplugins< 1.13.22
Related vulnerabilities
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlug...
The Product Slider for WooCommerce by PickPlugins WordPress plugin before 1.13.42 does not validate and escape...
The User Verification WordPress plugin before 1.0.94 was affected by an Auth Bypass security vulnerability. To...
The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for Word...
The Post Grid plugin for WordPress is vulnerable to blind SQL Injection via post metadata in versions up to, a...