Variation Swatches for WooCommerce
by WordPress
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-37975 | Hig | 0.46 | 7.1 | 0.00 | Jul 27, 2023 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin <= 2.3.7 versions. | ||
| CVE-2021-42367 | Med | 0.42 | 6.4 | 0.01 | Dec 14, 2021 | The Variation Swatches for WooCommerce WordPress plugin is vulnerable to Stored Cross-Site Scripting via several parameters found in the ~/includes/class-menu-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.1. Due to… | ||
| CVE-2019-14774 | Med | 0.40 | 6.1 | 0.01 | Aug 8, 2019 | The woo-variation-swatches (aka Variation Swatches for WooCommerce) plugin 1.0.61 for WordPress allows XSS via the wp-admin/admin.php?page=woo-variation-swatches-settings tab parameter. | ||
| CVE-2025-47526 | Med | 0.35 | 5.4 | 0.00 | May 7, 2025 | Missing Authorization vulnerability in GS Plugins GS Variation Swatches for WooCommerce gs-woo-variation-swatches allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Variation Swatches for WooCommerce: from n/a through <= 3.0.4. | ||
| CVE-2024-13511 | Med | 0.28 | 4.3 | 0.00 | Jan 23, 2025 | The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2, contains a vulnerability due to improper nonce verification in its settings reset functionality. The issue exists in the settings_init() function, which processes a reset action… |
- risk 0.46cvss 7.1epss 0.00
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin <= 2.3.7 versions.
- risk 0.42cvss 6.4epss 0.01
The Variation Swatches for WooCommerce WordPress plugin is vulnerable to Stored Cross-Site Scripting via several parameters found in the ~/includes/class-menu-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.1. Due to…
- risk 0.40cvss 6.1epss 0.01
The woo-variation-swatches (aka Variation Swatches for WooCommerce) plugin 1.0.61 for WordPress allows XSS via the wp-admin/admin.php?page=woo-variation-swatches-settings tab parameter.
- risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in GS Plugins GS Variation Swatches for WooCommerce gs-woo-variation-swatches allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Variation Swatches for WooCommerce: from n/a through <= 3.0.4.
- risk 0.28cvss 4.3epss 0.00
The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2, contains a vulnerability due to improper nonce verification in its settings reset functionality. The issue exists in the settings_init() function, which processes a reset action…