VYPR

Product Tabs For Woocommerce

by WordPress

Source repositories

CVEs (4)

  • CVE-2025-58985MedSep 9, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Additional Custom Product Tabs for WooCommerce product-tabs-for-woocommerce allows Stored XSS.This issue affects Additional Custom Product Tabs for WooCommerce: from…

  • CVE-2022-4329MedJan 2, 2023
    risk 0.40cvss 6.1epss 0.00

    The Product list Widget for Woocommerce WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both unauthenticated and authenticated users (such as high…

  • CVE-2022-4629MedJan 23, 2023
    risk 0.35cvss 5.4epss 0.00

    The Product Slider for WooCommerce WordPress plugin before 2.6.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which…

  • CVE-2022-2382MedAug 22, 2022
    risk 0.28cvss 4.3epss 0.00

    The Product Slider for WooCommerce WordPress plugin before 2.5.7 has flawed CSRF checks and lack authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber to call them. One in particular could allow them to delete arbitrary blog options.