Lucene search
HistoryMar 22, 2023 - 9:15 p.m.
CVE-2023-28665
cve-2023-28665
woo bulk price update
wordpress plugin
reflected xss
nvd
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
39.5%
The Woo Bulk Price Update WordPress plugin, in versions < 2.2.2, is affected by a reflected cross-site scripting vulnerability in the ‘page’ parameter to the techno_get_products action, which can only be triggered by an authenticated user.
Affected configurations
Node
technocrackersbulk_price_update_for_woocommerceRange<2.2.2wordpress
CNA Affected
[
{
"vendor": "n/a",
"product": "Woo Bulk Price Update WordPress Plugin",
"versions": [
{
"version": "< 2.2.2",
"status": "affected"
}
]
}
]Related
prion
prion
Cross site scripting
2023-03-22 21:15:00
openvas
openvas
WordPress Woo Bulk Price Update Plugin < 2.2.2 XSS Vulnerability
2023-08-29 00:00:00
wpexploit
wpexploit
Woo Bulk Price Update < 2.2.2 - Reflected XSS
2023-03-22 00:00:00
wpvulndb
wpvulndb
Woo Bulk Price Update < 2.2.2 - Reflected XSS
2023-03-22 00:00:00
nuclei
nuclei
Woo Bulk Price Update <2.2.2 - Cross-Site Scripting
2023-07-16 18:06:40
cvelist
cvelist
CVE-2023-28665
2023-03-22 00:00:00
nvd
nvd
CVE-2023-28665
2023-03-22 21:15:19
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
39.5%
Related for CVE-2023-28665