Description
The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
No history.
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2024-08-02T07:52:08.586Z
Reserved: 2023-10-03T10:02:33.963Z
Link: CVE-2023-5348
No data.
Status : Modified
Published: 2023-12-18T20:15:08.553
Modified: 2026-06-17T06:48:23.850
Link: CVE-2023-5348
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')