4 matches found
CVE-2021-25000
The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcjdeleterole parameter before outputting back in the admin dashboard when the General module is enabled, leading to a Reflected Cross-Site Scripting issue...
Booster for WooCommerce < 5.4.9 - Reflected Cross-Site Scripting in General Module
The plugin does not sanitise and escape the wcjdeleterole parameter before outputting back in the admin dashboard when the General module is enabled, leading to a Reflected Cross-Site Scripting issue The "General" module needs to be enabled in "Woocommerce - Booster Settings - Booster"...
Booster for WooCommerce < 5.4.9 - Reflected Cross-Site Scripting in General Module
The plugin does not sanitise and escape the wcjdeleterole parameter before outputting back in the admin dashboard when the General module is enabled, leading to a Reflected Cross-Site Scripting issue PoC The "General" module needs to be enabled in "Woocommerce - Booster Settings - Booster"...
WordPress Booster for Woocommerce plugin <= 5.4.8 - Reflected Cross-Site Scripting (XSS) vulnerability in General Module
Reflected Cross-Site Scripting XSS vulnerability in PDF Invoicing Module discovered by Jeremie Amsellem in WordPress Booster for Woocommerce plugin versions = 5.4.8. Solution Update the WordPress Booster for Woocommerce plugin to the latest available version at least 5.4.9...