CVE-2024-37297 | WooCommerce up to 8.8.4/8.9.2 Sourcebuster.js cross site scripting (GHSA-cv23-q6gh-xfrf)

Inserito da Angelo Barbosa | Giu 12, 2024 | CVE

A vulnerability has been found in WooCommerce up to 8.8.4/8.9.2 and classified as problematic. This vulnerability affects unknown code of the file Sourcebuster.js. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-37297. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-37297 | WooCommerce up to 8.8.4/8.9.2 Sourcebuster.js cross site scripting (GHSA-cv23-q6gh-xfrf)

Post correlati

CVE-2024-29004 | SolarWinds Platform up to 2024.1.1 Web Console cross site scripting

CVE-2024-2087 | Brizy Plugin up to 2.4.43 on WordPress Form cross site scripting

CVE-2023-49435 | Tenda AX9 22.03.01.46 command injection

CVE-2024-39807 | Mattermost up to 9.5.5/9.8.0 information disclosure