Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Free Shipping Bar: Amount Left for Free Shipping for WooCommerce allows Stored XSS. This issue affects Free Shipping Bar: Amount Left for Free Shipping for WooCommerce: from n/a through 2.4.6.
References
Configurations
History
29 May 2025, 20:53
Type | Values Removed | Values Added |
---|---|---|
References | () https://patchstack.com/database/wordpress/plugin/amount-left-free-shipping-woocommerce/vulnerability/wordpress-free-shipping-bar-amount-left-for-free-shipping-for-woocommerce-2-4-6-cross-site-scripting-xss-vulnerability?_s_id=cve - Third Party Advisory | |
First Time |
Wpfactory
Wpfactory free Shipping For Woocommerce |
|
CPE | cpe:2.3:a:wpfactory:free_shipping_for_woocommerce:*:*:*:*:*:wordpress:*:* |
21 May 2025, 20:25
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
19 May 2025, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-19 15:15
Updated : 2025-05-29 20:53
NVD link : CVE-2025-48253
Mitre link : CVE-2025-48253
CVE.ORG link : CVE-2025-48253
JSON object : View
Products Affected
wpfactory
- free_shipping_for_woocommerce
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')