Vulnerability Details CVE-2019-14948
The woocommerce-product-addon plugin before 18.4 for WordPress has XSS via an import of a new meta data structure.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.0%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
- https://wordpress.org/plugins/woocommerce-product-addon/#developers
- https://wpvulndb.com/vulnerabilities/9502
- https://www.pluginvulnerabilities.com/2019/08/08/this-authenticated-persistent-xss-vulnerability-might-be-what-hackers-are-targeting-ppom-for-woocommerce-for/
- https://wordpress.org/plugins/woocommerce-product-addon/#developers
- https://wpvulndb.com/vulnerabilities/9502
- https://www.pluginvulnerabilities.com/2019/08/08/this-authenticated-persistent-xss-vulnerability-might-be-what-hackers-are-targeting-ppom-for-woocommerce-for/
Products affected by CVE-2019-14948
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:1.0
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:1.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:10.10
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:10.6
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:10.7
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:10.8
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:10.9
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:11
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:11.0
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:11.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:11.2
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:11.3
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:11.4
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:11.5
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:11.6
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:11.7
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:11.8
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:11.9
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:12.0
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:12.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:12.2
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:12.3
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:12.4
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:12.5
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:12.6
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:12.7
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:12.8
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:12.9
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:13.0
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:13.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:13.2
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:13.3
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:13.4
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:13.5
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:13.6
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:13.7
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:14.0
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:14.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:14.2
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:14.3
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:15.0
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:15.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:15.2
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:15.3
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:15.4
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:15.4.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:15.5
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:16.0
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:16.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:16.2
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:16.3
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:16.4
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:16.5
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:16.6
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:16.7
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:16.8
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:16.9
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:17.0
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:17.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:17.2
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:17.3
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:17.4
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:17.5
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:18.0
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:18.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:18.2
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:18.3
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:2.0
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:2.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:2.2
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:2.3
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:2.4
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:2.5
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:2.6
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:2.7
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:2.8
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:2.9
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:3.0
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:3.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:3.2
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:3.3
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:3.4
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:3.5
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:3.6
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:4.0
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:4.1
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:4.2
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:4.3
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:4.4
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:4.5
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:4.6
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:5.6
-
cpe:2.3:a:najeebmedia:ppom_for_woocommerce:8.3