29 matches found
EUVD-2024-17702
Malicious code in bioql PyPI...
EUVD-2023-56224
Malicious code in bioql PyPI...
EUVD-2023-56907
Malicious code in bioql PyPI...
CVE-2023-52234
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Elite for WooCommerce.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.2...
CVE-2023-51511
Improper Authentication vulnerability in Pluggabl LLC Booster Elite for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.3...
CVE-2024-1986
The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wcaddnewproduct function in all versions up to, and including, 7.1.7. This makes it possible for customer-level attackers, and above, to upload arbitrary files...
CVE-2023-51511
Improper Authentication vulnerability in Pluggabl LLC Booster Elite for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.3...
CVE-2023-51511
Improper Authentication vulnerability in Pluggabl LLC Booster Elite for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.3...
CVE-2023-52234
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Elite for WooCommerce.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.2...
CVE-2023-52234
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Elite for WooCommerce.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.2...
CVE-2023-52234 WordPress Booster Elite for WooCommerce plugin < 7.1.2 - Auth. Sensitive Data Exposure vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Elite for WooCommerce.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.2...
CVE-2023-52234
CVE-2023-52234 refers to Booster Elite for WooCommerce. Patchstack confirms vulnerable versions are
PT-2024-14498 · Woocommerce · Booster Elite For Woocommerce
Name of the Vulnerable Software and Affected Versions: Booster Elite for WooCommerce versions prior to 7.1.2 Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This is a problem where sensitive data is made available to individuals who should not...
CVE-2024-1986
The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wcaddnewproduct function in all versions up to, and including, 7.1.7. This makes it possible for customer-level attackers, and above, to upload arbitrary files...
Input validation
The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wcaddnewproduct function in all versions up to, and including, 7.1.7. This makes it possible for customer-level attackers, and above, to upload arbitrary files...
CVE-2024-1986 Elite Booster for WooCommerce <= 7.1.7 - Authenticated (Subscriber+) Arbitrary File Upload
The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wcaddnewproduct function in all versions up to, and including, 7.1.7. This makes it possible for customer-level attackers, and above, to upload arbitrary files...
CVE-2024-1986 Elite Booster for WooCommerce <= 7.1.7 - Authenticated (Subscriber+) Arbitrary File Upload
The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wcaddnewproduct function in all versions up to, and including, 7.1.7. This makes it possible for customer-level attackers, and above, to upload arbitrary files...
CVE-2024-1986
The CVE-2024-1986 entry concerns Booster Elite for WooCommerce (WordPress). The vulnerability is an arbitrary file upload flaw in wc_add_new_product() across all versions up to 7.1.7, enabling network-authenticated (Subscriber+) attackers to upload arbitrary files when product-upload is enabled, ...
WordPress Booster Elite for WooCommerce Plugin <= 7.1.7 is vulnerable to Arbitrary File Upload
Software Booster Elite for WooCommerce Type Plugin Vulnerable versions = 7.1.7 Fixed in 7.1.8 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-1986 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 3f5da7669b23 Credits Christiaan Swiers YouGina...
Booster Elite for WooCommerce < 7.1.2 - Missing Authorization to Order Information Disclosure
Description The Booster Elite for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to 7.1.2 exclusive. This makes it possible for authenticated attackers, with subscriber-level access and above, to view...