VYPR

Additional Product Fields For Woocommerce

by WordPress

CVEs (3)

  • CVE-2024-9214MedOct 24, 2024
    risk 0.33cvss 6.1epss 0.00

    The Extra Product Options Builder for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'RednaoSerializedFields' parameter during the creation of a signature file in all versions up to, and including, 1.2.133 due to insufficient input…

  • CVE-2024-31940MedApr 15, 2024
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in RedNao Extra Product Options Builder for WooCommerce.This issue affects Extra Product Options Builder for WooCommerce: from n/a through 1.2.104.

  • CVE-2023-2256May 30, 2023
    risk 0.02cvss epss 0.01

    The Product Addons & Fields for WooCommerce WordPress plugin before 32.0.7 does not sanitize and escape some URL parameters, leading to Reflected Cross-Site Scripting.