Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in WooCommerce 8.4.0

  • Severity: medium-risk
  • Status: Fixed
  • Publication: January 12, 2024

A security flaw has been discovered in the WooCommerce plugin for WordPress. This flaw, found in all versions before 8.4.0, allows attackers to inject harmful web scripts into pages if they can trick a user into clicking on a link. This issue has been fixed in version 8.4.0, so it is important to update the plugin to this version. Please note that there was a mistake in the initial report, which stated that version 8.5.0 was patched when in fact version 8.4.0 was the one that fixed the issue. This only affects versions up to 8.3.0. You can update to version 8.4.0 to protect against this vulnerability.

Detected in:

WooCommerce fixed vulnerable versions: >= * < 8.4.0

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.