Vulnerabilities > Pluginus > FOX Currency Switcher Professional FOR Woocommerce > 1.4.1.1

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-11	CVE-2023-6556	Cross-site Scripting vulnerability in Pluginus FOX - Currency Switcher Professional for Woocommerce The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via currency options in all versions up to, and including, 1.4.1.5 due to insufficient input sanitization and output escaping. network low complexity pluginus CWE-79	5.4
2023-12-17	CVE-2023-49834	Cross-Site Request Forgery (CSRF) vulnerability in Pluginus FOX - Currency Switcher Professional for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in realmag777 FOX – Currency Switcher Professional for WooCommerce.This issue affects FOX – Currency Switcher Professional for WooCommerce: from n/a through 1.4.1.4. network low complexity pluginus CWE-352	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.