WordPress Booster for WooCommerce plugin < 7.11.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Booster for WooCommerce versions 7.11.3...

WordPress Booster for WooCommerce Plugin Cross-Site Scripting Vulnerability

WordPress Booster for WooCommerce Plugin is a multi-functional plugin designed specifically for the WooCommerce e-commerce platform, offering more than 100 features including PDF invoices, product variants, wish lists, and other tools designed to streamline e-commerce operations and enhance user...

WordPress Booster for WooCommerce Plugin Missing Authorization Vulnerability

WordPress Booster for WooCommerce Plugin is a multi-functional plugin designed specifically for the WooCommerce e-commerce platform, offering more than 100 features including PDF invoices, product variants, wish lists, and other tools designed to streamline e-commerce operations and enhance user...

CVE-2025-64380 WordPress Booster for WooCommerce plugin <= 7.3.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Stored XSS.This issue affects Booster for WooCommerce: from n/a through = 7.3.2...

CVE-2025-64196

The CVE-2025-64196 entry describes a Cross-Site Scripting (Reflected XSS) vulnerability in the Booster for WooCommerce plugin’s WordPress component (woocommerce-jetpack) affecting version range up to and including 7.2.5. The root cause is improper neutralization of input during web page generatio...

WordPress Booster for WooCommerce plugin <= 7.4.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Booster for WooCommerce versions = 7.4.0...

WordPress Booster for WooCommerce plugin <= 7.2.4 - Unauthenticated Double Extension Arbitrary File Upload vulnerability

Unauthenticated Double Extension Arbitrary File Upload vulnerability discovered by luckybuddy in WordPress Plugin Booster for WooCommerce versions = 7.2.4...

WordPress plugin WordPress Booster for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Cross-site scripting...

WordPress Booster for WooCommerce plugin <= 7.2.3 - Authenticated (ShopManager+) Stored Cross-Site Scripting via wcj_product_meta Shortcode vulnerability

Authenticated ShopManager+ Stored Cross-Site Scripting via wcjproductmeta Shortcode vulnerability discovered by Francesco Carlucci in WordPress Plugin Booster for WooCommerce versions = 7.2.3...

WordPress Booster for WooCommerce Plugin <= 7.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.2.3 Fixed in 7.2.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9170 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID cb123e14d09e Credits Francesco Carluc...

WordPress Booster for WooCommerce Plugin <= 7.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.2.3 Fixed in 7.2.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9239 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c5b658709ea3 Credits vgo0...

WordPress Booster for WooCommerce Plugin <= 7.1.8 is vulnerable to Broken Access Control

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.8 Fixed in 7.1.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-3957 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID c5acc2669cf3 Credits stealthcopter Required...

WordPress Booster Extension Plugin <= 1.2.0 is vulnerable to Sensitive Data Exposure

Software Booster Extension Type Plugin Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-2109 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID c3706e2b31e0 Credits Krzysztof Zając Required...

WordPress Booster for WooCommerce Plugin <= 7.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.7 Fixed in 7.1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29760 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6ccd1007ae31 Credits Rafie Muhammad Patchstac...

WordPress Booster Elite for WooCommerce Plugin <= 7.1.7 is vulnerable to Arbitrary File Upload

Software Booster Elite for WooCommerce Type Plugin Vulnerable versions = 7.1.7 Fixed in 7.1.8 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-1986 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 3f5da7669b23 Credits Christiaan Swiers YouGina...

WordPress Booster for WooCommerce Plugin <= 7.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.7 Fixed in 7.1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1534 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5f7996b3626f Credits Ngô Thiên An...

WordPress Booster Elite for WooCommerce Plugin < 7.1.3 is vulnerable to Content Injection

Software Booster Elite for WooCommerce Type Plugin Vulnerable versions 7.1.3 Fixed in 7.1.3 OWASP Top 10 A1: Broken Access Control Classification Content Injection CVE CVE-2023-51511 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 1e2bd30a7dcc Credits Dave Jong...

WordPress Booster for WooCommerce Plugin <= 7.1.2 is vulnerable to Content Injection

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.2 Fixed in 7.1.3 OWASP Top 10 A1: Broken Access Control Classification Content Injection CVE CVE-2023-48747 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f10b42acb401 Credits Dave Jong Patchstac...

WordPress Booster for WooCommerce Plugin <= 7.1.1 is vulnerable to Sensitive Data Exposure

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.1 Fixed in 7.1.2 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2023-48333 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b3744065c2d4 Credits Dave Jong...

WordPress Booster for WooCommerce Plugin <= 7.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Booster for WooCommerce Type Plugin Vulnerable versions = 7.1.2 Fixed in 7.1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5638 Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID be851143f85f Credits István Márton...