Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "stock_delivery_terms_text[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce Predictive Search Cross-Site Scripting (1.0.5)
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15730)
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.23.2)
WordPress Plugin Media from FTP Directory Traversal (9.85)
WordPress Plugin Affiliate Press Multiple Cross-Site Scripting Vulnerabilities (0.3.8)