A plugin called Booster Elite for WooCommerce on WordPress has a security issue where any type of file can be uploaded without being checked. This means that anyone with customer-level access or higher can upload harmful files onto the website’s server, potentially allowing them to take control of the site. This can only happen if the product upload feature is turned on.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
