Vulnerabilities > Visser > Store Toolkit FOR Woocommerce

DATE CVE VULNERABILITY TITLE RISK
2022-02-07 CVE-2021-25077 Cross-site Scripting vulnerability in Visser Store Toolkit for Woocommerce
The Store Toolkit for WooCommerce WordPress plugin before 2.3.2 does not sanitise and escape the tab parameter before outputting it back in an admin page in an error message, leading to a Reflected Cross-Site Scripting
network
low complexity
visser CWE-79
6.1
6.1
2019-08-22 CVE-2016-10923 Permissions, Privileges, and Access Controls vulnerability in Visser Store Toolkit for Woocommerce
The woocommerce-store-toolkit plugin before 1.5.8 for WordPress has privilege escalation.
network
low complexity
visser CWE-264
critical
 9.8
9.8
2019-08-22 CVE-2016-10922 Permissions, Privileges, and Access Controls vulnerability in Visser Store Toolkit for Woocommerce
The woocommerce-store-toolkit plugin before 1.5.7 for WordPress has privilege escalation.
network
low complexity
visser CWE-264
critical
 9.8
9.8