Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-5348

Disclosure Date: December 18, 2023 (last updated December 22, 2023)
The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0