Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "PACKING_SLIPS_SUMMARY_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
WordPress Plugin Style Kits-Advanced Theme Styles for Elementor Cross-Site Request Forgery (1.8.0)
WordPress Plugin AVK-Shop Multiple Cross-Site Scripting Vulnerabilities (1.1.1)
markdown-it Inefficient Regular Expression Complexity Vulnerability (CVE-2015-10005)
WordPress Plugin Easy Media Download Cross-Site Scripting (1.1.6)
WordPress Plugin All 404 Redirect to Homepage Cross-Site Scripting (1.21)