5.4
CVSSv3

CVE-2023-28665

Published: 22/03/2023 Updated: 28/03/2023
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 0

Vulnerability Summary

The Woo Bulk Price Update WordPress plugin, in versions < 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'page' parameter to the techno_get_products action, which can only be triggered by an authenticated user.

Vulnerable Product Search on Vulmon Subscribe to Product

technocrackers bulk price update for woocommerce