Log out
Get PRO

Latest

Input validation vulnerability in Booster for WooCommerce 7.2.3

  • Severity: medium-risk
  • Status: Fixed
  • Publication: November 25, 2024

The Booster for WooCommerce plugin is not safe to use on WordPress. This is because it is vulnerable to a type of cyber attack called Stored Cross-Site Scripting. This means that attackers can inject harmful code into pages using a specific shortcode in the plugin. The plugin’s lack of security measures allows attackers with certain levels of access to execute these harmful scripts on any page that the user accesses.

Detected in:

Booster for WooCommerce fixed vulnerable versions: >= * <= 7.2.3
Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools fixed vulnerable versions:
Booster for WooCommerce – PDF Invoices, Bulk Price Editor, Currency Switcher & 100+ Tools fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.