First published: Fri Aug 25 2023(Updated: )
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Product page shipping calculator for WooCommerce plugin <= 1.3.25 versions.
Credit: audit@patchstack.com audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Woocommerce Woocommerce | <=1.3.25 |
Update to 1.3.26 or a higher version.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-32575.
The severity of CVE-2023-32575 is medium, with a severity value of 4.8.
The WooCommerce plugin versions up to and including 1.3.25 are affected by CVE-2023-32575.
This vulnerability can be exploited by an authenticated (admin+) user to inject malicious scripts into the Product page shipping calculator.
Yes, a fix is available for the CVE-2023-32575 vulnerability. Please refer to the provided reference for more information.