The Woo Bulk Price Update WordPress plugin, in versions < 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'page' parameter to the techno_get_products action, which can only be triggered by an authenticated user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
technocrackers bulk price update for woocommerce |