Vulnerability Details CVE-2025-48254
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Change Add to Cart Button Text for WooCommerce add-to-cart-button-labels-for-woocommerce allows Stored XSS.This issue affects Change Add to Cart Button Text for WooCommerce: from n/a through <= 2.2.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.3%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2025-48254
-
cpe:2.3:a:wpfactory:change_add_to_cart_button_text_for_woocommerce:2.1.0
-
cpe:2.3:a:wpfactory:change_add_to_cart_button_text_for_woocommerce:2.1.1
-
cpe:2.3:a:wpfactory:change_add_to_cart_button_text_for_woocommerce:2.2.0
-
cpe:2.3:a:wpfactory:change_add_to_cart_button_text_for_woocommerce:2.2.1
-
cpe:2.3:a:wpfactory:change_add_to_cart_button_text_for_woocommerce:2.2.2