Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
FluentCart: Unsecured Input Can Steal User Data
CVE-2025-67971
Summary
FluentCart, a plugin for WordPress, has a security flaw that allows hackers to steal user data or take control of user sessions. This affects versions of FluentCart before 1.3.0. To stay safe, update your FluentCart plugin to the latest version.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPManageNinja FluentCart fluent-cart allows Reflected XSS.This issue affects FluentCart: from n...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPManageNinja FluentCart fluent-cart allows Reflected XSS.This issue affects FluentCart: from n/a through < 1.3.0.
nvd CVSS3.1
7.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026