Medium severity4.8NVD Advisory· Published Jan 4, 2017· Updated Jun 17, 2026
CVE-2016-10112
CVE-2016-10112
Description
Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.6.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML by providing crafted tax-rate table values in CSV format.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/95292nvdThird Party AdvisoryVDB Entry
- wordpress.org/plugins/woocommerce/changelog/nvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.