ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Variation Swatches for WooCommerce plugin <= 1.0.61 - Reflected Cross-Site Scripting (XSS) vulnerability

Product
Variation Swatches for WooCommerce
Description
Reflected Cross-Site Scripting (XSS) vulnerability found in WordPress Variation Swatches for WooCommerce plugin (versions <= 1.0.61).
Solution
Update the WordPress Variation Swatches for WooCommerce plugin to the latest available version (at least 1.0.62).
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Plugin changelog
CVE
Name CVE-2019-14774
Versions
Affected In <= 1.0.61
Fixed In 1.0.62
Disclosure date
2019-08-30
Submitter
ThreatPress