Filtered by vendor Themelocation Subscriptions
Filtered by product Widgets For Woocommerce Products On Elementor Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-4661 1 Themelocation 1 Widgets For Woocommerce Products On Elementor 2024-11-21 5.4 Medium
The Widgets for WooCommerce Products on Elementor WordPress plugin before 1.0.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
CVE-2024-43271 1 Themelocation 1 Widgets For Woocommerce Products On Elementor 2024-08-20 8.5 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themelocation Woo Products Widgets For Elementor allows PHP Local File Inclusion.This issue affects Woo Products Widgets For Elementor: from n/a through 2.0.0.