Security Advisory

CVE-2019-18834

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-07-23 19:42:47

Last updated 2024-08-05 02:02:39

Assigner mitre

State PUBLISHED

Description

Persistent XSS in the WooCommerce Subscriptions plugin before 2.6.3 for WordPress allows remote attackers to execute arbitrary JavaScript because Billing Details are mishandled in WCS_Admin_Post_Types in class-wcs-admin-post-types.php.

← Browse all CVEs View on cve.org ↗