Medium 6.4
2025-08-28< 1.3.8
Dynamic AJAX Product Filters for WooCommerce <= 1.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via className Parameter
Dynamic AJAX Product Filters for WooCommerce
Vulnerabilities 2Slug dynamic-ajax-product-filters-for-woocommerceLatest version 1.6.0WordPress.org →
Minimum safe version
1.3.8
Update to 1.3.8 or later to address 2 fixable vulnerabilities
Latest available1.6.0 ✓
Medium 6.4
2025-08-28< 1.3.8
WordPress Dynamic AJAX Product Filters for WooCommerce Plugin <= 1.3.7 is vulnerable to Cross Site Scripting (XSS)