Global CyberSecurity

Cross Site Scripting in YITH WooCommerce Ajax Product Filter

By OTC 06/22/2020

Post Views: 835

Last Updated on 06/22/2020 by OTC

During a routine research audit for our Sucuri Web Application Firewall, we discovered a cross-site scripting (XSS) vulnerability affecting 100,000+ users of the YITH WooCommerce Ajax Product Filter plugin.

Current State of the Vulnerability

This security bug was fixed in the 3.11.1 release. We are not aware of any exploit attempts currently using this vulnerability.

Disclosure / Response Timeline

Jun 4, 2020: Initial contact.
Jun 22, 2020: Patch is live.

Continue reading Cross Site Scripting in YITH WooCommerce Ajax Product Filter at Sucuri Blog.

Comments

Comments are closed.

More in Global CyberSecurity

Global CyberSecurity

Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker

By OTC04/11/2024

Global CyberSecurity

Web Shells: Types, Mitigation & Removal

By OTC04/08/2024

Global CyberSecurity

Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS

By OTC04/02/2024

error: Content is protected !!

Cross Site Scripting in YITH WooCommerce Ajax Product Filter

General Dynamics seals a contract for Columbia&Dreadnought Class SSBN Fire Control Systems

U.S. Navy first operational CMV-22B arrives at Naval Air Station North Island

Comments

More in Global CyberSecurity

Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker

Web Shells: Types, Mitigation & Removal

Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS

Cyber-Space

JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS

WordPress Maintenance: Tasks & Best Practices

Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker

Social EYK

PHMC GPE – WebLog

General Dynamics seals a contract for Columbia&Dreadnought Class SSBN Fire Control Systems

U.S. Navy first operational CMV-22B arrives at Naval Air Station North Island

You may also like

Comments

More in Global CyberSecurity

Cyber-Space

Social EYK

PHMC GPE – WebLog