PT-2023-30602 · Automattic · Woocommerce Blocks+1

Rafie Muhammad · Published 2023-11-30 · Updated 2023-12-05 · CVE-2023-47777

CVSS v3.1: 6.5 Medium
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions

WooCommerce versions through 8.1.1
WooCommerce Blocks versions through 11.1.1

Description

Automattic WooCommerce and Automattic WooCommerce Blocks are affected by a stored cross-site scripting (XSS) vulnerability caused by improper neutralization of input during web page generation.

Recommendations

For WooCommerce versions through 8.1.1, update to a version later than 8.1.1 to resolve the issue.
For WooCommerce Blocks versions through 11.1.1, update to a version later than 11.1.1 to resolve the issue.
As a temporary workaround, consider restricting access to sensitive areas of the web application to minimize the risk of exploitation.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-47777

Affected Products

Woocommerce
Woocommerce Blocks