Authenticated Stored Cross-Site Scripting (XSS) vulnerability found by ThreatPress Research Team in WordPress WooCommerce Product Attachment plugin (versions <= 1.1.2).
Solution
3 June 2018 - plugin still closed by WordPress Security team, no patched version available.
Classification
Type XSS (Cross Site Scripting) OWASP Top 10 A3: Cross Site Scripting (XSS)