Order Minimum/maximum Amount Limits For Woocommerce CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Wpcodefactory Subscriptions

Filtered by product Order Minimum/maximum Amount Limits For Woocommerce Subscriptions

Search

Switch to Advanced Search (Beta)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-1381	3 Woocommerce, Wordpress, Wpcodefactory	3 Woocommerce, Wordpress, Order Minimum/maximum Amount Limits For Woocommerce	2026-01-29	4.4 Medium
The Order Minimum/Maximum Amount Limits for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 4.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Shop Manager-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

Page 1 of 1.