In WooCommerce Ultimate Gift Card – Create, Sell and Manage Gift Cards with Customized Email Templates plugin for WordPress in versions up to 2.9.1 a medium severity vulnerability CVE-2024-53740 was detected. This vulnerability allows unauthenticated attackers to inject arbitrary web scripts into pages by tricking users into actions such as clicking on a link, due to insufficient input sanitization and output escaping. To address this issue, users must upgrade to version 2.9.1 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-53740.
WooCommerce Ultimate Gift Card: Reflected XSS Vulnerability
by the Hossted team
09.12.2024