CVE-2024-13355 | Admin and Customer Messages After Order for WooCommerce Plugin File Upload cross site scripting

Posted by Angelo Barbosa | Jan 16, 2025 | CVE

A vulnerability was found in Admin and Customer Messages After Order for WooCommerce Plugin up to 13.2 on WordPress. It has been classified as problematic. This affects an unknown part of the component File Upload. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-13355. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-13355 | Admin and Customer Messages After Order for WooCommerce Plugin File Upload cross site scripting

Related Posts

CVE-2024-1208 | LearnDash LMS Plugin up to 4.10.2 on WordPress API information disclosure

CVE-2023-3742 | Google Chrome prior 114.0.5735.90 on ChromeOS Device Policy Enforcement access control

CVE-2023-52137 | tj-actions verify-changed-files up to 16.x input validation (GHSA-ghm2-rq8q-wrhc)

CVE-2024-33558 | 8theme XStore Core Plugin up to 5.3.5 on WordPress authorization