Product Slider For Woocommerce
Approved changes feed: RSS · Atom
cpe:2.3:a:pickplugins:product_slider_for_woocommerce:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Pickplugins (03c448d6-40a7-5ce8-8d7e-bbbe6a0aa644) |
|---|---|
| Product | Product Slider For Woocommerce (9ab86e36-57cd-589e-86c8-78d916b33e6a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/pickplugins/woocommerce-products-slider |
purl2cpe | 2026-06-01 10:15:03.998785 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-45459 |
vulnerable | 2026-06-03 14:56:56.645232 |
WordPress Product Slider for WooCommerce by PickPlugins plugin <= 1.13.50 - Reflected Cross Site Scripting (XSS) vulnerability
HIGH (7.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Reflected XSS.This issue affects Product Slider for WooCommerce: from n/a through <= 1.13.50.
Published: 2024-09-15T07:41:38.095Z
Updated: 2026-04-28T16:10:18.143Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-0166 |
vulnerable | 2026-06-03 14:48:45.743824 |
PickPlugins Product Slider for WooCommerce < 1.13.42 - Contributor+ Stored XSS
The Product Slider for WooCommerce by PickPlugins WordPress plugin before 1.13.42 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Published: 2023-02-13T14:32:20.615Z
Updated: 2025-03-21T15:25:48.252Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-24300 |
vulnerable | 2026-06-03 14:43:56.757866 |
PickPlugins Product Slider for WooCommerce < 1.13.22 - Reflected Cross-Site Scripting (XSS)
The slider import search feature of the PickPlugins Product Slider for WooCommerce WordPress plugin before 1.13.22 did not properly sanitised the keyword GET parameter, leading to reflected Cross-Site Scripting issue
Published: 2021-05-24T10:58:04.000Z
Updated: 2024-08-03T19:28:23.414Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.