4 matches found
CVE-2023-5348
The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users...
CVE-2023-5348
creationtimestamp| type| source ---|---|--- 2023-12-21 23:16:48+00:00| seen| https://t.me/ctinow/158038...
CVE-2023-5348
The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users...
CVE-2023-5348
CVE-2023-5348 affects the WordPress plugin “Product Catalog Mode For WooCommerce” (pre-5.0.3). The issue arises from improper authorization of settings updates and failure to escape settings values, enabling stored XSS by unauthenticated users. Affected version range is prior to 5.0.3; remediatio...