CVE-2021-24300

Summary

The slider import search feature of the PickPlugins Product Slider for WooCommerce WordPress plugin before 1.13.22 did not properly sanitised the keyword GET parameter, leading to reflected Cross-Site Scripting issue

Affected Software

VendorProductVersion RangeStatus
PickPluginsPickPlugins Product Slider for WooCommerce1.13.22 < 1.13.22affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References