First published: Wed Aug 30 2023(Updated: )
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Brands plugin <= 1.6.45 versions.
Credit: audit@patchstack.com audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Woocommerce Woocommerce Brands | <=1.6.45 |
Update to 1.6.46 or a higher version.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-32746 is an Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in the WooCommerce WooCommerce Brands plugin.
The severity of CVE-2023-32746 is medium with a severity value of 5.4.
The WooCommerce WooCommerce Brands plugin versions up to and including 1.6.45 are affected by CVE-2023-32746.
To fix the CVE-2023-32746 vulnerability, update the WooCommerce WooCommerce Brands plugin to version 1.6.46 or higher.
You can find more information about CVE-2023-32746 at the following link: [https://patchstack.com/database/vulnerability/woocommerce-brands/wordpress-woocommerce-brands-plugin-1-6-45-contributor-stored-cross-site-scripting-xss-vulnerability?_s_id=cve](https://patchstack.com/database/vulnerability/woocommerce-brands/wordpress-woocommerce-brands-plugin-1-6-45-contributor-stored-cross-site-scripting-xss-vulnerability?_s_id=cve)