Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-47504

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Custom Checkout Fields for WooCommerce, WPFactory Customer Email Verification for WooCommerce allows Stored XSS.This issue affects Custom Checkout Fields for WooCommerce: from n/a through 1.8.3; Customer Email Verification for WooCommerce: from n/a through 3.0.2.

Published

2025-05-07T15:16:05.047

Last Modified

2025-12-30T22:15:42.430

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-79

Affected Vendors & Products

References

https://patchstack.com/database/wordpress/plugin/custom-checkout-fields-for-woocommerce/vulnerability/wordpress-custom-checkout-fields-for-woocommerce-1-8-3-cross-site-scripting-xss-vulnerability?_s_id=cve ([email protected])
https://patchstack.com/database/wordpress/plugin/emails-verification-for-woocommerce/vulnerability/wordpress-email-verification-for-woocommerce-plugin-3-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve ([email protected])