CVE-2023-28988

Name of the Vulnerable Software and Affected Versions WooCommerce plugin versions <= 2.1.48

Description The issue is related to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability in the PI Websolution Direct checkout, Add to cart redirect, Quick purchase button, Buy now button, and Quick View button for the WooCommerce plugin.

Recommendations For versions <= 2.1.48, update to a version higher than 2.1.48 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable buttons and features until a patch is available. Avoid using the vulnerable features in the affected plugin until the issue is resolved.