Lucene search
WPScanCVELIST:CVE-2022-4227HistoryDec 26, 2022 - 12:28 p.m.
CVE-2022-4227 Booster for WooCommerce - Reflected Cross-Site Scripting
2022-12-2612:28:11
WPScan
www.cve.org
3
cross-site scripting
wordpress
plugin vulnerability
cve-2022-4227
reflected.
EPSS
0.001
Percentile
31.7%
The Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plus for WooCommerce WordPress plugin before 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not escape some URLs and parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting
CNA Affected
[
{
"vendor": "Unknown",
"product": "Booster for WooCommerce",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "5.6.3"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
},
{
"vendor": "Unknown",
"product": "Booster Plus for WooCommerce",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "6.0.0"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "Unknown",
"product": "Booster Elite for WooCommerce",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "6.0.0"
}
],
"defaultStatus": "unaffected"
}
]Related
prion
prion
Cross site scripting
2022-12-26 13:15:00
cve
cve
CVE-2022-4227
2022-12-26 13:15:13
wpvulndb
wpvulndb
Booster for WooCommerce - Reflected Cross-Site Scripting
2022-12-05 00:00:00
nvd
nvd
CVE-2022-4227
2022-12-26 13:15:13