Tag
The Woocommerce Custom Product Addons Pro plugin for WordPress is vulnerable to Remote Code Execution (RCE) due to insufficient sanitization of user-submitted field values, allowing unauthenticated attackers to execute arbitrary code via crafted WCPA text fields.