Bulk Price Update for Woocommerce Plugin for WordPress < 2.2.2 Cross-Site Scripting

The WordPress Bulk Price Update for Woocommerce Plugin installed on the remote host is affected by an authenticated reflected Cross-Site Scripting XSS in the page parameter of the technogetproducts action. Note that the scanner has not tested for these issues but has instead relied only on the...

The vulnerability of the Bulk Price Update plugin for Woocommerce in the WordPress content management system allows attackers to perform cross-site scripting attacks.

The vulnerability of the Bulk Price Update plugin for Woocommerce in the WordPress content management system exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

WordPress Bulk Price Update for Woocommerce Plugin < 2.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Price Update for Woocommerce Type Plugin Vulnerable versions 2.2.2 Fixed in 2.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28665 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID bf10a922ae61 Credits Joshu...

CVE-2023-28665

The Woo Bulk Price Update WordPress plugin, in versions 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'page' parameter to the technogetproducts action, which can only be triggered by an authenticated user...

CVE-2023-28665

The Woo Bulk Price Update WordPress plugin, in versions 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'page' parameter to the technogetproducts action, which can only be triggered by an authenticated user...

Woo Bulk Price Update < 2.2.2 - Reflected XSS

The plugin does not sanitize and escape escape the page parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open...

WordPress plugin Woo Bulk Price Update 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2023-28665

The CVE-2023-28665 entry concerns the WordPress plugin Woo Bulk Price Update, specifically versions prior to 2.2.2. A reflected cross-site scripting (XSS) vulnerability exists in the techno_get_products action where the attacker-controlled page parameter can trigger the flaw. Exploitation require...

CVE-2023-28665

The Woo Bulk Price Update WordPress plugin, in versions 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'page' parameter to the technogetproducts action, which can only be triggered by an authenticated user...

PT-2023-6985 · WordPress · Woo Bulk Price Update

Name of the Vulnerable Software and Affected Versions: Woo Bulk Price Update WordPress plugin versions prior to 2.2.2 Description: The issue is related to a reflected cross-site scripting vulnerability. It is triggered by the page parameter to the techno get products action and can only be...