CVE-2023-28783

Name of the Vulnerable Software and Affected Versions PHPRADAR Woocommerce Tip/Donation plugin versions <= 1.2

Description The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that affects authenticated users with shop manager or higher privileges. This vulnerability allows an attacker to inject malicious scripts into the application, potentially leading to unauthorized access or data theft. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.

Recommendations For PHPRADAR Woocommerce Tip/Donation plugin versions <= 1.2, update to a version higher than 1.2 to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.