Text only | Text with Images

WordPress Community Forum

WordPress Support => WordPress Vulnerability => Topic started by: Kailash on Jun 15, 2022, 10:15 AM

Title: WordPress Checkout Fields Manager for WooCommerce plugin <= 5.5.6 Vulnerability
Post by: Kailash on Jun 15, 2022, 10:15 AM
WordPress Checkout Fields Manager for WooCommerce plugin <= 5.5.6 - Reflected Cross-Site Scripting (XSS) vulnerability

Plugin name: Checkout Fields Manager for WooCommerce
Vulnerable versions: <= 5.5.6
Fixed in: 5.5.7
CVE ID: N/A
Classification: Cross Site Scripting (XSS)
Publicly disclosed: 2022-06-14

Vulnerability Details

Reflected Cross-Site Scripting (XSS) vulnerability discovered by WPScanTeam in WordPress Checkout Fields Manager for WooCommerce plugin (versions <= 5.5.6).

Solution

Update the WordPress Checkout Fields Manager for WooCommerce plugin to the latest available version (at least 5.5.7).

Plugin Link: https://wordpress.org/plugins/woocommerce-checkout-manager/
Text only | Text with Images