CVE-2025-26775

Medium CVSS: 5.9

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 BEAR woo-bulk-editor allows Stored XSS.This issue affects BEAR: from n/a through <= 1.1.4.4.

Vendor

Pluginus

Product

Bear - Woocommerce Bulk Editor And Products Manager Professional

CWE

CWE-79

Yayın Tarihi

2025-02-17 12:15:29

Güncelleme

2026-04-23 15:25:57

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-79 Bear - Woocommerce Bulk Editor And Products Manager Professional MEDIUM Pluginus 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/woo-bulk-editor/vulnerability/wordpress-bear-plugin-1-1-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve

Benzer Kayıtlar

Medium

CVE-2025-5143

The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…

Medium

CVE-2025-3748

The Taxonomy Chain Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's pn_chain_menu…

Critical

CVE-2025-1661

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in a…

Medium

CVE-2025-0864

The Active Products Tables for WooCommerce. Use constructor to create tables plugin for WordPress is vulnerable to Refle…

Medium

CVE-2025-24605

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RealMag777 WOLF bulk-edi…

Medium

CVE-2024-13340

The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plu…