Cross-site Scripting Vulnerability in Themeisle PPOM for WooCommerce
CVE-2025-24668
5.9MEDIUM
What is CVE-2025-24668?
A Cross-site Scripting (XSS) vulnerability in the Themeisle PPOM for WooCommerce plugin enables attackers to inject malicious scripts into web pages. This flaw affects versions from n/a up to 33.0.8, allowing for stored XSS attacks that can compromise user sessions or data. Website operators using this plugin should take immediate action to secure their applications and prevent exploitation.
Affected Version(s)
PPOM for WooCommerce <= 33.0.8