Log out
Get PRO

Latest

Input validation vulnerability in eCommerce Product Catalog Plugin for WordPress 3.3.8

  • Severity: medium-risk
  • Status: Fixed
  • Publication: March 17, 2023

The eCommerce Product Catalog plugin for WordPress has a security problem in versions up to 3.3.8. It is vulnerable to a type of attack called Stored Cross-Site Scripting. This type of attack can be done by someone who has administrator-level privileges and can inject malicious code into web pages. This code will then be executed whenever someone accesses the page. This only affects certain types of WordPress installations.

Detected in:

eCommerce Product Catalog Plugin for WordPress fixed vulnerable versions: >= * <= 3.3.8

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.