← back
CVE-2024-35728

WordPress Product Addons & Fields for WooCommerce plugin <= 32.0.20 - Content Injection vulnerability

CVSS 5.3 MEDIUMEPSS 0.3%CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Themeisle PPOM for WooCommerce allows Code Inclusion.This issue affects PPOM for WooCommerce: from n/a through 32.0.20.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected products
Themeisle · PPOM for WooCommerce

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://patchstack.com/database/vulnerability/woocommerce-product-addon/wordpress-product-addons-fields-for-woocommerce-plugin-32-0-20-content-injection-vulnerability?_s_id=cve