Blog

blog
September 2, 2024
WooCommerce Subscriptions Persistent XSS (CVE-2019-18834)

A persistent Cross-Site Scripting vulnerability in WooCommerce Subscriptions before version 2.6.3 allowed unauthenticated users to execute malicious scripts in the WordPress admin panel, leading to potential account takeover and privilege escalation, underscoring the importance of timely updates and integrated security practices in development.

Read more