From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: WordPress Search order by product SKU for WooCommerce Plugin <= 0.2 is vulnerable to Cross Site Scripting (XSS) - **Priority**: Medium priority - **Version**: <= 0.2 - **Status**: No official fix available 2. **Risk**: - **CVSS Score**: 7.1 - **Description**: This vulnerability is of medium severity and is expected to be exploited. 3. **Vulnerability Type**: - **Cross Site Scripting (XSS)** 4. **Solution**: - **Recommendation**: Immediately mitigate or resolve this vulnerability. - **Virtual Patch**: Patchstack has released a virtual patch to block any attacks until an official fix becomes available. 5. **Details**: - **Software**: Search order by product SKU for WooCommerce - **Type**: Plugin - **Affected Versions**: <= 0.2 - **Fix Status**: N/A 6. **Timeline**: - **Report Date**: October 25, 2024 - **Early Warning**: Sent to Patchstack customers on November 4, 2024 - **Publication Date**: November 6, 2024 7. **Additional Information**: - **Reporter**: thiennv - **Contact Options**: Support vulnerability reporting, send thanks, or ask questions. This information provides a detailed description of the vulnerability, risk assessment, recommended solutions, and timeline, helping users understand the severity, affected software and versions, and how to mitigate or resolve the vulnerability.