Vulnerabilities > Woocommerce > Subscriptions > 2.3.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-23 | CVE-2019-18834 | Cross-site Scripting vulnerability in Woocommerce Subscriptions Persistent XSS in the WooCommerce Subscriptions plugin before 2.6.3 for WordPress allows remote attackers to execute arbitrary JavaScript because Billing Details are mishandled in WCS_Admin_Post_Types in class-wcs-admin-post-types.php. | 4.3 |