2 matches found
CVE-2024-9239 Booster for WooCommerce <= 7.2.3 - Reflected Cross-Site Scripting
The Booster for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 7.2.3. This makes it possible for unauthenticated attackers to inject...
WordPress Booster for WooCommerce Plugin <= 7.2.3 is vulnerable to Cross Site Scripting (XSS)
Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.2.3 Fixed in 7.2.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9239 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c5b658709ea3 Credits vgo0...