Lucene search
K

116 matches found

NVD
NVD
added 2026/06/26 3:16 p.m.4 views

CVE-2026-56027

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS0.00328EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.6 views

EUVD-2026-39690

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS5.8AI score0.00328EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2026/05/04 12:0 a.m.7 views

VulnCheck KEV: CVE-2024-13744

The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the validateproductinputfieldsonaddtocart function in versions 4.0.1 to 7.2.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

9.8CVSS8AI score0.00645EPSS
In wildExploits0References2
EUVD
EUVD
added 2026/03/17 9:31 a.m.5 views

EUVD-2026-12550

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a before 7.11.3...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/17 8:24 a.m.1 views

CVE-2026-32586

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through 7.11.3...

5.3CVSS5.9AI score0.00225EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/17 8:24 a.m.3 views

CVE-2026-32586 WordPress Booster for WooCommerce plugin < 7.11.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through 7.11.3...

5.3CVSS5.1AI score0.00225EPSS
Exploits0References1
CVE
CVE
added 2026/03/17 8:24 a.m.10 views

CVE-2026-32586

CVE-2026-32586 describes a Missing Authorization vulnerability in Booster for WooCommerce (WordPress plugin). Affected: Booster for WooCommerce versions prior to 7.11.3. Root cause: incorrectly configured access control/security levels allowing unauthorized actions. Impact: CVSS v3.1 base score 5...

5.3CVSS5.9AI score0.00225EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/17 8:24 a.m.29 views

CVE-2026-32586 WordPress Booster for WooCommerce plugin < 7.11.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through 7.11.3...

5.3CVSS0.00225EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/17 12:0 a.m.10 views

WordPress plugin Booster for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:26 a.m.5 views

CVE-2023-4945

The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in versions up to, and including, 7.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

6.4CVSS5.1AI score0.00491EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/14 10:11 a.m.6 views

CVE-2025-64379

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through = 7.4.0...

4.3CVSS7AI score0.00167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/14 10:11 a.m.5 views

CVE-2025-64380

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Stored XSS.This issue affects Booster for WooCommerce: from n/a through = 7.3.2...

6.5CVSS6AI score0.00138EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/13 12:31 p.m.5 views

EUVD-2025-163768

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Stored XSS.This issue affects Booster for WooCommerce: from n/a through = 7.3.2...

6.5CVSS5.5AI score0.00138EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/13 12:31 p.m.5 views

EUVD-2025-163769

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through = 7.4.0...

4.3CVSS6.4AI score0.00167EPSS
Exploits0References2
OSV
OSV
added 2025/11/13 10:15 a.m.6 views

CVE-2025-64380

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Stored XSS.This issue affects Booster for WooCommerce: from n/a through = 7.3.2...

6.5CVSS5.8AI score0.00138EPSS
Exploits0References1
NVD
NVD
added 2025/11/13 10:15 a.m.4 views

CVE-2025-64380

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Stored XSS.This issue affects Booster for WooCommerce: from n/a through = 7.3.2...

6.5CVSS0.00138EPSS
Exploits0References1
NVD
NVD
added 2025/11/13 10:15 a.m.3 views

CVE-2025-64379

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through = 7.4.0...

4.3CVSS0.00167EPSS
Exploits0References1
OSV
OSV
added 2025/11/13 10:15 a.m.4 views

CVE-2025-64379

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through = 7.4.0...

4.3CVSS5.8AI score0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/13 9:24 a.m.5 views

CVE-2025-64380 WordPress Booster for WooCommerce plugin <= 7.3.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Stored XSS.This issue affects Booster for WooCommerce: from n/a through = 7.3.2...

6.5CVSS0.00138EPSS
Exploits0References1
CVE
CVE
added 2025/11/13 9:24 a.m.17 views

CVE-2025-64380

CVE-2025-64380 affects WordPress Booster for WooCommerce (woocommerce-jetpack) plugin, specifically versions up to and including 7.3.2. The root cause is improper input handling during web page generation, leading to a stored cross-site scripting (XSS) vulnerability. This means malicious script p...

6.5CVSS5.6AI score0.00138EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder