CVE-2019-1010124

Published: Jul 23, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

WebAppick WooCommerce Product Feed 2.2.18 and earlier is affected by: Cross Site Scripting (XSS). The impact is: XSS to RCE via editing theme files in WordPress. The component is: admin/partials/woo-feed-manage-list.php:63. The attack vector is: Administrator must be logged in.

Vendor	Product	Versions
WebAppick	WooCommerce Product Feed	affected `≤ 2.2.18`

References

https://www.youtube.com/watch?v=T-sqQDFRRBg

https://wpvulndb.com/vulnerabilities/9856

http://packetstormsecurity.com/files/154263/WordPress-WooCommerce-Product-Feed-2.2.18-Cross-Site-Scripting.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-1010124

Description

Affected Products

References