WooCommerce Plugin Search order by product SKU <= 0.2 XSS Vulnerability

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Description: - Title: WordPress Search order by product SKU for WooCommerce Plugin <= 0.2 is vulnerable to Cross Site Scripting (XSS) - Priority: Medium priority - Version: <= 0.2 - Status: No official fix available 2. Risk: - CVSS Score: 7.1 - Description: This vulnerability is of medium severity and is expected to be exploited. 3. Vulnerability Type: - Cross Site Scripting (XSS) 4. Solution: - Recommendation: Immediately mitigate or resolve this vulnerability. - Virtual Patch: Patchstack has released a virtual patch to block any attacks until an official fix becomes available. 5. Details: - Software: Search order by product SKU for WooCommerce - Type: Plugin - Affected Versions: <= 0.2 - Fix Status: N/A 6. Timeline: - Report Date: October 25, 2024 - Early Warning: Sent to Patchstack customers on November 4, 2024 - Publication Date: November 6, 2024 7. Additional Information: - Reporter: thiennv - Contact Options: Support vulnerability reporting, send thanks, or ask questions. This information provides a detailed description of the vulnerability, risk assessment, recommended solutions, and timeline, helping users understand the severity, affected software and versions, and how to mitigate or resolve the vulnerability.

Goal Reached Thanks to every supporter — we hit 100%!

WooCommerce Plugin Search order by product SKU <= 0.2 XSS Vulnerability