https://www.wordfence.com/blog/2017/08/xss-vulnerability-woocommerce-product-vendors-plugin/
This entry was posted in Vulnerabilities, WordPress Security on August 31, 2017 by Mark Maunder 0 Replies
A reflected cross site scripting vulnerability has been reported in a premium WordPress plugin for WooCommerce known as the ‘Product Vendors‘ plugin. This plugin is used by 28% of all online WooCommerce stores.
Product Vendors version 2.0.35 is affected by the vulnerability.
Source: Security Feed