Text only | Text with Images

WordPress Community Forum

WordPress Support => WordPress Vulnerability => Topic started by: Kailash on Jun 15, 2022, 10:09 AM

Title: WordPress Flexible Shipping plugin <= 4.11.8 - XSS vulnerability
Post by: Kailash on Jun 15, 2022, 10:09 AM
WordPress Flexible Shipping plugin <= 4.11.8 - Reflected Cross-Site Scripting (XSS) vulnerability

Plugin name: Table Rate Shipping Method for WooCommerce by Flexible Shipping
Vulnerable versions: <= 4.11.8
Fixed in: 4.11.9
CVE ID: N/A
Classification: Cross Site Scripting (XSS)
Publicly disclosed: 2022-06-14

Vulnerability Details

Reflected Cross-Site Scripting (XSS) vulnerability discovered by WPScanTeam in WordPress Flexible Shipping plugin versions <= 4.11.8.

Solution

Update the WordPress Flexible Shipping plugin to the latest available version (at least 4.11.9).

Plugin Link: https://wordpress.org/plugins/flexible-shipping/
Text only | Text with Images