WordPress WooCommerce XSS Vulnerability – Hijacking a Customer Account with a Crafted Image
WordPress WooCommerce XSS Vulnerability – Hijacking a Customer Account with a Crafted Image
Overview
The FortiGuard Labs team recently discovered a Cross-Site Scripting (XSS) vulnerability in WooCommerce. WooCommerce is an open-source eCommerce platform built on WordPress. According to BuiltWith statistics, WooCommerce is the No. 1 eCommerce platform, owning 22% of global market share in 2018.
This XSS vulnerability (CVE-2019-9168) exists in the zoom display of the Photoswipe…
View On WordPress













