CVE-2021-24300

CVE-2021-24300: PickPlugins Product Slider for WooCommerce < 1.13.22 - Reflected Cross-Site Scripting (XSS)

Vendor Pickplugins
Product PickPlugins Product Slider for WooCommerce
Weakness CWE-79 · XSS
Published May 24, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The slider import search feature of the PickPlugins Product Slider for WooCommerce WordPress plugin before 1.13.22 did not properly sanitised the keyword GET parameter, leading to reflected Cross-Site Scripting issue

Key dates

02Disclosure timeline

May 24, 2021 CVE published
August 3, 2024 Record updated