cleantalk
Vulnerabilities and Security Researches

Product Catalog Mode For WooCommerce, CVE-2023-5348

CVE, Research URL

CVE-2023-5348

Home page URL

Security reports for Product Catalog Mode For WooCommerce

Application

Product Catalog Mode For WooCommerce

Published on
Dec 19, 2023
Research Description
The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users.
Affected versions
max 5.0.3.
Status
vulnerable
Previous vulnerability researches
Product Catalog Mode For WooCommerce (b308b1976fbd8c17995ad5f6339f0f0a06f57ab7) , Jun 16, 2026
Product Catalog Mode For WooCommerce (CVE-2024-25929) , Jun 07, 2024
Product Catalog Mode For WooCommerce (CVE-2017-18592) , Jun 07, 2024
Product Catalog Mode For WooCommerce (CVE-2023-5348) , Jun 07, 2024
Product Catalog Mode For WooCommerce (CVE-2023-50899) , Jun 10, 2024
New vulnerability
Co-Authors Plus (3b59fa89-76f2-42de-b8dc-b20029b03ca2) , Jun 16, 2026
Co-Authors Plus (034cb5664dd2496536a4b1eb1b6eccfe0dfdee1d) , Jun 16, 2026
WP Editor (9bd82df3361111ce1d4cf7e25e54197d57e5fcf7) , Jun 16, 2026
WP Editor (57bcaf52c81e37e52179a1bc19ff300383498acc) , Jun 16, 2026
WP Editor (9f554258dccf197d2aef6c675e863309c8c23908) , Jun 16, 2026