Pluginus Fox - Currency Switcher Professional For Woocommerce — known CVE vulnerabilities
Every CVE whose affected-product data names Pluginus Fox - Currency Switcher Professional For Woocommerce, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-24566 — CVSS 8.8 (high): The WooCommerce Currency Switcher FOX WordPress plugin before 1.3.7 was vulnerable to LFI attacks via the "woocs" shortcode.
CVE-2024-8271 — CVSS 7.3 (high): The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all…
CVE-2022-4431 — CVSS 5.4 (medium): The WOOCS WordPress plugin before 1.3.9.4 does not validate and escape some of its shortcode attributes before outputting them back in the…
CVE-2023-49834 — CVSS 5.4 (medium): Cross-Site Request Forgery (CSRF) vulnerability in realmag777 FOX – Currency Switcher Professional for WooCommerce.This issue affects FOX…
CVE-2023-6556 — CVSS 5.4 (medium): The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via currency…