Booster For Woocommerce@4.0.1 Security Vulnerabilities and Issues — Booster For Woocommerce@4.0.1 CVE List

Lucene search

BoosterBooster For Woocommerce4.0.1

2 matches found

CVE•added 2025/04/04 5:15 a.m.•41 views

CVE-2024-13744

The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the validate_product_input_fields_on_add_to_cart function in versions 4.0.1 to 7.2.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

9.8CVSS8.3AI score0.00344EPSS

CVE•added 2025/04/04 6:15 a.m.•36 views

CVE-2024-13708

The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in versions 4.0.1 to 7.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

7.2CVSS6.2AI score0.00126EPSS