2 matches found
CVE-2024-1054
The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wcjproductbarcode' shortcode in all versions up to, and including, 7.1.6 due to insufficient input sanitization and output escaping on user supplied attributes like 'color'. This makes ...
CVE-2024-1054
CVE-2024-1054 (Booster for WooCommerce, WordPress) is a Stored Cross-Site Scripting vulnerability in the Booster for WooCommerce plugin’s wcj_product_barcode shortcode. Exploitation requires authentication at contributor level or higher, and affects all versions up to 7.1.6. The issue stems from ...