Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in WholesaleX – WooCommerce Wholesale Plugin (Wholesale Prices, Dynamic Pricing, Tiered Pricing) 1.3.2

  • Severity: critical
  • Status: Fixed
  • Publication: March 26, 2024

A plugin for WordPress called WholesaleX, which is used for managing wholesale prices, has a security vulnerability that allows hackers to inject harmful code. This can happen if the plugin receives input from an untrusted source. There is currently no known way for hackers to exploit this vulnerability, but if the target website has other plugins or themes with a similar issue, it could potentially lead to the deletion of important files, access to private information, or the ability to run malicious code.

Detected in:

WholesaleX – Wholesale Plugin for WooCommerce (B2B Wholesale Prices, Order Form, Catalog Mode, Tiered Pricing) fixed vulnerable versions:
WholesaleX – WooCommerce Wholesale Plugin (B2B Wholesale Prices, Order Form, Catalog Mode, Tiered Pricing) fixed vulnerable versions: >= * <= 1.3.2

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.