3 matches found
CVE-2023-5348
The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users...
CVE-2023-5348
The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users...
CVE-2023-5348
CVE-2023-5348 affects the WordPress plugin “Product Catalog Mode For WooCommerce” (pre-5.0.3). The issue arises from improper authorization of settings updates and failure to escape settings values, enabling stored XSS by unauthenticated users. Affected version range is prior to 5.0.3; remediatio...