Vulnerability Details CVE-2019-14774
The woo-variation-swatches (aka Variation Swatches for WooCommerce) plugin 1.0.61 for WordPress allows XSS via the wp-admin/admin.php?page=woo-variation-swatches-settings tab parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://wpvulndb.com/vulnerabilities/9855
- https://www.pluginvulnerabilities.com/2019/07/30/reflected-cross-site-scripting-xss-vulnerability-in-woocommerce-variation-swatches/
- https://wpvulndb.com/vulnerabilities/9855
- https://www.pluginvulnerabilities.com/2019/07/30/reflected-cross-site-scripting-xss-vulnerability-in-woocommerce-variation-swatches/
Products affected by CVE-2019-14774
-
cpe:2.3:a:getwooplugins:woo-variation-swatches:1.0.61