Unrated severityNVD Advisory· Published Jul 23, 2020· Updated Aug 5, 2024
CVE-2019-18834
CVE-2019-18834
Description
Persistent XSS in the WooCommerce Subscriptions plugin before 2.6.3 for WordPress allows remote attackers to execute arbitrary JavaScript because Billing Details are mishandled in WCS_Admin_Post_Types in class-wcs-admin-post-types.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/WooCommerce Subscriptions plugindescription
- Range: <2.6.3
Patches
Vulnerability mechanics
References
3- woocommerce.com/products/woocommerce-subscriptions/mitrex_refsource_MISC
- www.precursorsecurity.com/blogmitrex_refsource_MISC
- www.precursorsecurity.com/blog/woocommerce-subscriptions-persistent-xss-cve-2019-18834mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.