2 matches found
CVE-2021-25001
The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcjcreateproductsxmlresult parameter before outputting back in the admin dashboard when the Product XML Feeds module is enabled, leading to a Reflected Cross-Site Scripting issue...
CVE-2021-25001
CVE-2021-25001 affects the WordPress Booster for WooCommerce plugin (versions before 5.4.9). Multiple connected sources confirm a vulnerability in the Product XML Feeds module: the wcj_create_products_xml_result parameter is not sanitised/escaped when output in the admin dashboard, enabling a ref...