WordPress Booster for WooCommerce plugin < 7.11.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Booster for WooCommerce versions 7.11.3...

WordPress Booster for WooCommerce Plugin Missing Authorization Vulnerability

WordPress Booster for WooCommerce Plugin is a multi-functional plugin designed specifically for the WooCommerce e-commerce platform, offering more than 100 features including PDF invoices, product variants, wish lists, and other tools designed to streamline e-commerce operations and enhance user...

WordPress Booster for WooCommerce Plugin Cross-Site Scripting Vulnerability

WordPress Booster for WooCommerce Plugin is a multi-functional plugin designed specifically for the WooCommerce e-commerce platform, offering more than 100 features including PDF invoices, product variants, wish lists, and other tools designed to streamline e-commerce operations and enhance user...

CVE-2025-64380 WordPress Booster for WooCommerce plugin <= 7.3.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Stored XSS.This issue affects Booster for WooCommerce: from n/a through = 7.3.2...

CVE-2025-64196

The CVE-2025-64196 entry describes a Cross-Site Scripting (Reflected XSS) vulnerability in the Booster for WooCommerce plugin’s WordPress component (woocommerce-jetpack) affecting version range up to and including 7.2.5. The root cause is improper neutralization of input during web page generatio...

WordPress Booster for WooCommerce plugin <= 7.4.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Booster for WooCommerce versions = 7.4.0...

WordPress Booster for WooCommerce plugin <= 7.2.4 - Unauthenticated Double Extension Arbitrary File Upload vulnerability

Unauthenticated Double Extension Arbitrary File Upload vulnerability discovered by luckybuddy in WordPress Plugin Booster for WooCommerce versions = 7.2.4...

WordPress plugin WordPress Booster for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Cross-site scripting...

WordPress Booster for WooCommerce plugin <= 7.2.3 - Authenticated (ShopManager+) Stored Cross-Site Scripting via wcj_product_meta Shortcode vulnerability

Authenticated ShopManager+ Stored Cross-Site Scripting via wcjproductmeta Shortcode vulnerability discovered by Francesco Carlucci in WordPress Plugin Booster for WooCommerce versions = 7.2.3...

WordPress Booster for WooCommerce Plugin <= 7.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.2.3 Fixed in 7.2.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9170 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID cb123e14d09e Credits Francesco Carluc...

WordPress Booster for WooCommerce Plugin <= 7.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.2.3 Fixed in 7.2.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9239 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c5b658709ea3 Credits vgo0...

WordPress Booster for WooCommerce Plugin <= 7.1.8 is vulnerable to Broken Access Control

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.8 Fixed in 7.1.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-3957 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID c5acc2669cf3 Credits stealthcopter Required...

WordPress Booster Extension Plugin <= 1.2.0 is vulnerable to Sensitive Data Exposure

Software Booster Extension Type Plugin Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-2109 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID c3706e2b31e0 Credits Krzysztof Zając Required...

WordPress Booster for WooCommerce Plugin <= 7.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.7 Fixed in 7.1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29760 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6ccd1007ae31 Credits Rafie Muhammad Patchstac...

WordPress Booster for WooCommerce Plugin <= 7.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.7 Fixed in 7.1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1534 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5f7996b3626f Credits Ngô Thiên An...

WordPress Booster Elite for WooCommerce Plugin <= 7.1.7 is vulnerable to Arbitrary File Upload

Software Booster Elite for WooCommerce Type Plugin Vulnerable versions = 7.1.7 Fixed in 7.1.8 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-1986 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 3f5da7669b23 Credits Christiaan Swiers YouGina...

WordPress Booster Elite for WooCommerce Plugin < 7.1.3 is vulnerable to Content Injection

Software Booster Elite for WooCommerce Type Plugin Vulnerable versions 7.1.3 Fixed in 7.1.3 OWASP Top 10 A1: Broken Access Control Classification Content Injection CVE CVE-2023-51511 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 1e2bd30a7dcc Credits Dave Jong...

WordPress Booster for WooCommerce Plugin <= 7.1.1 is vulnerable to Sensitive Data Exposure

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.1 Fixed in 7.1.2 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2023-48333 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b3744065c2d4 Credits Dave Jong...

WordPress Booster for WooCommerce Plugin <= 7.1.2 is vulnerable to Content Injection

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.2 Fixed in 7.1.3 OWASP Top 10 A1: Broken Access Control Classification Content Injection CVE CVE-2023-48747 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f10b42acb401 Credits Dave Jong Patchstac...

WordPress Booster for WooCommerce Plugin <= 7.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.2 Fixed in 7.1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5638 Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID be851143f85f Credits István Márton...