CVE-2024-56265
MEDIUM WAF: High
CVSS 6.1
Published: 2024-12-31
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPWeb WooCommerce PDF Vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.9.
WAF Coverage Analysis
Cross-Site Scripting (XSS)
High WAF Coverage
OWASP: A03:2021 Injection
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| wpwebelite | woocommerce_pdf_vouchers | up to 4.9.9 |
References
- patchstack.com (Third Party Advisory)