CVE-2023-28665 Information

Description

The Woo Bulk Price Update WordPress plugin in versions < 2.2.2 is affected by a reflected cross-site scripting vulnerability in the ‘page’ parameter to the techno_get_products action which can only be triggered by an authenticated user.

Reference

https://www.tenable.com/security/research/tra-2023-3