Log out
Get PRO

Latest

Input validation vulnerability in Booster for WooCommerce 7.1.7

  • Severity: medium-risk
  • Status: Fixed
  • Publication: March 6, 2024

The Booster for WooCommerce plugin, used on WordPress websites, has a security vulnerability that allows attackers to insert harmful code using the plugin’s shortcodes. This can happen on any version up to version 7.1.7 because the plugin does not properly clean and protect user input. This means that attackers with certain levels of access can add their own code to a page, which will then run when someone views that page.

Detected in:

Booster for WooCommerce fixed vulnerable versions: >= * <= 7.1.7
Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools fixed vulnerable versions:
Booster for WooCommerce – PDF Invoices, Bulk Price Editor, Currency Switcher & 100+ Tools fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.