Vulnerabilities > Berocket > Advanced Product Labels FOR Woocommerce
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-14 | CVE-2022-0399 | Cross-site Scripting vulnerability in Berocket Advanced Product Labels for Woocommerce The Advanced Product Labels for WooCommerce WordPress plugin before 1.2.3.7 does not sanitise and escape the tax_color_set_type parameter before outputting it back in the berocket_apl_color_listener AJAX action's response, leading to a Reflected Cross-Site Scripting | 4.3 |