CVE-2023-28665

The Woo Bulk Price Update WordPress plugin, in versions 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'page' parameter to the technogetproducts action, which can only be triggered by an authenticated user...

WordPress Bulk Price Update for Woocommerce Plugin < 2.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Price Update for Woocommerce Type Plugin Vulnerable versions 2.2.2 Fixed in 2.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28665 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID bf10a922ae61 Credits Joshu...

CVE-2023-28665

creationtimestamp| type| source ---|---|--- 2023-03-22 23:36:00+00:00| seen| https://t.me/cibsecurity/60518...

CVE-2023-28665

The Woo Bulk Price Update WordPress plugin, in versions 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'page' parameter to the technogetproducts action, which can only be triggered by an authenticated user...

CVE-2023-28665

The CVE-2023-28665 entry concerns the WordPress plugin Woo Bulk Price Update, specifically versions prior to 2.2.2. A reflected cross-site scripting (XSS) vulnerability exists in the techno_get_products action where the attacker-controlled page parameter can trigger the flaw. Exploitation require...