CVE-2025-39520

Published: 2025-04-16T13:15:45.503

Last Modified: 2025-04-16T13:25:37.340

Source: MITRE CVE List

License: MITRE-CVE-TOS

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Wham Checkout Files Upload for WooCommerce allows Stored XSS. This issue affects Checkout Files Upload for WooCommerce: from n/a through 2.2.0. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt