Booster For Woocommerce Security Vulnerabilities and Issues — Booster For Woocommerce CVE List

Lucene search

BoosterBooster For Woocommerce

3 matches found

CVE•added 2025/04/01 7:15 a.m.•43 views

CVE-2024-12278

The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via any location that typically sanitizes data using wp_kses, like comments, in all versions up to, and including, 7.2.5 due to insufficient input sanitization and output escaping. This makes it possible f...

7.2CVSS6.3AI score0.00235EPSS

CVE•added 2025/04/04 5:15 a.m.•40 views

CVE-2024-13744

The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the validate_product_input_fields_on_add_to_cart function in versions 4.0.1 to 7.2.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

9.8CVSS8.3AI score0.00224EPSS

CVE•added 2025/04/04 6:15 a.m.•35 views

CVE-2024-13708

The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in versions 4.0.1 to 7.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

7.2CVSS6.2AI score0.00106EPSS