Security Advisory

CVE-2023-28665

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-03-22 00:00:00

Last updated 2025-02-25 19:13:42

Assigner tenable

State PUBLISHED

Description

The Woo Bulk Price Update WordPress plugin, in versions < 2.2.2, is affected by a reflected cross-site scripting vulnerability in the page parameter to the techno_get_products action, which can only be triggered by an authenticated user.

← Browse all CVEs View on cve.org ↗