5 matches found
CVE-2021-25001
The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcjcreateproductsxmlresult parameter before outputting back in the admin dashboard when the Product XML Feeds module is enabled, leading to a Reflected Cross-Site Scripting issue...
Cross site scripting
The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcjcreateproductsxmlresult parameter before outputting back in the admin dashboard when the Product XML Feeds module is enabled, leading to a Reflected Cross-Site Scripting issue...
Booster for WooCommerce < 5.4.9 - Reflected Cross-Site Scripting in Product XML Feeds Module
The plugin does not sanitise and escape the wcjcreateproductsxmlresult parameter before outputting back in the admin dashboard when the Product XML Feeds module is enabled, leading to a Reflected Cross-Site Scripting issue PoC The "Product XML Feeds" module needs to be enabled in "Woocommerce -...
WordPress Booster for WooCommerce plugin <= 5.4.8 - Reflected Cross-Site Scripting (XSS) vulnerability in Product XML Feeds Module
Reflected Cross-Site Scripting XSS vulnerability in Product XML Feeds Module discovered by Jeremie Amsellem in WordPress Booster for WooCommerce plugin versions = 5.4.8. Solution Update the WordPress Booster for WooCommerce plugin to the latest available version at least 5.4.9...
Booster for WooCommerce < 5.4.9 - Reflected Cross-Site Scripting in Product XML Feeds Module
The plugin does not sanitise and escape the wcjcreateproductsxmlresult parameter before outputting back in the admin dashboard when the Product XML Feeds module is enabled, leading to a Reflected Cross-Site Scripting issue The "Product XML Feeds" module needs to be enabled in "Woocommerce - Boost...