fbpx
Want To Add Extra Images Per Product Variation For Free? Download Now

XSS Vulnerability Patched in Plugin Designed to Enhance WooCommerce

ziv avriel

I have received a notification regarding Variation Swatches for WooCommerce – “XSS Vulnerability Patched in Plugin Designed to Enhance WooCommerce”

“responsible disclosure process for a vulnerability we discovered in “Variation Swatches for WooCommerce”, a WordPress plugin that is installed on over 80,000 sites and acts as an extension for WooCommerce. This flaw made it possible for an attacker with low-level permissions, such as a subscriber or a customer, to inject malicious JavaScript that would execute when a site administrator accessed the settings area of the plugin.”

my pro version & free Variation Swatches version is 1.1.6 I also use Additional Variation Images Gallery for WooCommerce – Pro Version 1.2.0 and the free Version 1.2.8

Please advise what should be done to terminate this vulnerability?

Tanvirul Haque

Hello Ziv Avriel,

That issue is about the Woosuite plugin https://prnt.sc/21c8kxj Please don’t worry, Variation swatches for WooCommerce developed by Emran Ahmed have no security issue.

Thanks

Tanvirul Haque

You are most welcome.