VYPR

XPlainer – WooCommerce Product FAQ

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-37515MedJul 21, 2024
    risk 0.38cvss 5.8epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Optemiz XPlainer - WooCommerce Product FAQ allows Reflected XSS.This issue affects XPlainer - WooCommerce Product FAQ: from n/a through 1.6.3.

  • CVE-2024-5704MedJul 9, 2024
    risk 0.21cvss 4.3epss 0.00

    The XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions (i.e. ffw_insert_new_faq, ffw_hide_discount_notice, ffw_delete_all_faqs,…