VYPR

Aco Product Labels For Woocommerce

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-53817HigDec 6, 2024
    risk 0.49cvss 7.6epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in acowebs Product Labels For Woocommerce aco-product-labels-for-woocommerce allows Blind SQL Injection.This issue affects Product Labels For Woocommerce: from n/a through <= 1.5.8.

  • CVE-2024-12109MedMar 25, 2025
    risk 0.27cvss 4.1epss 0.00

    The Product Labels For Woocommerce (Sale Badges) WordPress plugin before 1.5.9 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks