Log out
Get PRO

Latest

Input validation vulnerability in Booster for WooCommerce 7.1.0

  • Severity: medium-risk
  • Status: Fixed
  • Publication: September 13, 2023

The Booster for WooCommerce plugin for WordPress has a security vulnerability in versions up to and including 7.1.0 that can enable attackers with contributor-level permissions or higher to inject malicious scripts into pages. If a user visits one of these pages, the scripts will run and could cause harm to the user. This vulnerability is due to the Booster for WooCommerce plugin not properly sanitizing and escaping user supplied data.

Detected in:

Booster for WooCommerce fixed vulnerable versions: >= * <= 7.1.0
Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools fixed vulnerable versions:
Booster for WooCommerce – PDF Invoices, Bulk Price Editor, Currency Switcher & 100+ Tools fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.