4 matches found
CVE-2023-4796
The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcjwpoption' shortcode in versions up to, and including, 7.1.0 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for authenticated attackers, with...
CVE-2023-4796 Booster for WooCommerce <= 7.1.0 - Authenticated (Subscriber+) Information Disclosure via Shortcode
The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcjwpoption' shortcode in versions up to, and including, 7.1.0 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for authenticated attackers, with...
CVE-2023-4796
CVE-2023-4796 affects the Booster for WooCommerce plugin for WordPress (versions up to 7.1.0). It is an information-disclosure vulnerability via the wcj_wp_option shortcode, allowing authenticated users with subscriber-level capabilities or higher to retrieve arbitrary sensitive site options. The...
WordPress Booster for WooCommerce Plugin <= 7.1.0 is vulnerable to Sensitive Data Exposure
Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.0 Fixed in 7.1.1 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2023-4796 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d3120f1c06fe Credits Lana Codes...