Vulnerabilities > Pluginus > Woocommerce Currency Switcher > 1.3.4.2

DATE CVE VULNERABILITY TITLE RISK
2022-01-10 CVE-2021-25043 Cross-site Scripting vulnerability in Pluginus Woocommerce Currency Switcher
The WOOCS WordPress plugin before 1.3.7.3 does not sanitise and escape the custom_prices parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue
network
pluginus CWE-79
4.3
4.3