Vulnerabilities > Variation Swatches FOR Woocommerce Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-23 | CVE-2024-13511 | Cross-Site Request Forgery (CSRF) vulnerability in Variation Swatches for Woocommerce Project Variation Swatches for Woocommerce The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2, contains a vulnerability due to improper nonce verification in its settings reset functionality. | 4.3 |
| 2023-07-27 | CVE-2023-37975 | Cross-site Scripting vulnerability in Variation Swatches for Woocommerce Project Variation Swatches for Woocommerce Unauth. | 6.1 |
| 2021-12-14 | CVE-2021-42367 | Missing Authorization vulnerability in Variation Swatches for Woocommerce Project Variation Swatches for Woocommerce The Variation Swatches for WooCommerce WordPress plugin is vulnerable to Stored Cross-Site Scripting via several parameters found in the ~/includes/class-menu-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.1. | 5.4 |