CVE-2025-48254

Medium CVSS: 5.4

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Change Add to Cart Button Text for WooCommerce add-to-cart-button-labels-for-woocommerce allows Stored XSS.This issue affects Change Add to Cart Button Text for WooCommerce: from n/a through <= 2.2.2.

Vendor

Wpfactory

Product

Change Add To Cart Button Text For Woocommerce

CWE

CWE-79

Yayın Tarihi

2025-05-19 15:15:28

Güncelleme

2026-04-01 17:24:33

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-79 Change Add To Cart Button Text For Woocommerce MEDIUM Wpfactory 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/add-to-cart-button-labels-for-woocommerce/vulnerability/wordpress-change-add-to-cart-button-text-for-woocommerce-2-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve

Benzer Kayıtlar

Medium

CVE-2025-48252

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back But…

Medium

CVE-2025-48253

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Free Shi…

Medium

CVE-2024-13774

The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to Cross-Site Request Forg…

Medium

CVE-2024-13525

The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in…

High

CVE-2024-13528

The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass in all versi…