Medium severity6.1NVD Advisory· Published Mar 6, 2025· Updated Jun 17, 2026
CVE-2024-13868
CVE-2024-13868
Description
The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=9.0.2
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/0bff1645-dd53-4416-a90f-7cf4a6b33c1a/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.