CVE-2023-5348

Publication date

2023-12-18 20:07:59

Family

WPScan

State

PUBLISHED

Description

The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users.