Unrated severityNVD Advisory· Published Jul 4, 2024· Updated Apr 28, 2026
WordPress Woffice Core plugin <= 5.4.8 - Site Wide Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-37471
Description
Cross Site Scripting (XSS) vulnerability in WofficeIO Woffice Core allows Reflected XSS.This issue affects Woffice Core: from n/a through 5.4.8.
Affected products
2<=5.4.8+ 1 more
- (no CPE)range: <=5.4.8
- (no CPE)range: n/a
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.