CVE-2022-4227

🗓️ 26 Dec 2022 12:28:11Reported by WPScanType

The Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plus for WooCommerce WordPress plugin before 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not escape some URLs and parameters before outputting them back in attributes, leading to Reflected Cross-Site Scriptin

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2022-4227	26 Dec 202216:40	–	circl
CNNVD	WordPress plugin Booster for WooCommerce 跨站脚本漏洞	26 Dec 202200:00	–	cnnvd
Cvelist	CVE-2022-4227 Booster for WooCommerce - Reflected Cross-Site Scripting	26 Dec 202212:28	–	cvelist
EUVD	EUVD-2022-51586	3 Oct 202520:07	–	euvd
NVD	CVE-2022-4227	26 Dec 202213:15	–	nvd
Prion	Cross site scripting	26 Dec 202213:15	–	prion
Positive Technologies	PT-2022-26350 · WordPress · Booster Elite For Woocommerce +2	26 Dec 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-4227	22 May 202523:47	–	redhatcve
Vulnrichment	CVE-2022-4227 Booster for WooCommerce - Reflected Cross-Site Scripting	26 Dec 202212:28	–	vulnrichment
WPVulnDB	Booster for WooCommerce - Reflected Cross-Site Scripting	5 Dec 202200:00	–	wpvulndb

NVD

Vulners

Node

booster booster_elite_for_woocommerceRange<6.0.0wordpress

booster booster_for_woocommerceRange<5.6.3wordpress

booster booster_plus_for_woocommerceRange<6.0.0wordpress

[
  {
    "vendor": "Unknown",
    "product": "Booster for WooCommerce",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "5.6.3"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  },
  {
    "vendor": "Unknown",
    "product": "Booster Plus for WooCommerce",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "6.0.0"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Unknown",
    "product": "Booster Elite for WooCommerce",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "6.0.0"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/90d3022c-5d35-4ef2-ab87-6919268db890

14 Apr 2025 14:15Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.16.1

EPSS0.00199

SSVC