Vulnerabilities > Variation Swatches FOR Woocommerce Project

DATE CVE VULNERABILITY TITLE RISK
2023-07-27 CVE-2023-37975 Cross-site Scripting vulnerability in Variation Swatches for Woocommerce Project Variation Swatches for Woocommerce
Unauth.
6.1
2021-12-14 CVE-2021-42367 Missing Authorization vulnerability in Variation Swatches for Woocommerce Project Variation Swatches for Woocommerce
The Variation Swatches for WooCommerce WordPress plugin is vulnerable to Stored Cross-Site Scripting via several parameters found in the ~/includes/class-menu-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.1.
5.4