Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Booster_for_woocommerce
(Booster)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 16 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-11-18 | CVE-2022-41805 | Cross-Site Request Forgery (CSRF) vulnerability in Booster for WooCommerce plugin <= 5.6.6 on WordPress. | Booster_for_woocommerce | 4.3 | ||
2021-08-30 | CVE-2021-34646 | Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. This allows attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged... | Booster_for_woocommerce | 9.8 | ||
2022-01-03 | CVE-2021-24999 | The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_notice parameter before outputting it back in the admin dashboard when the Pdf Invoicing module is enabled, leading to a Reflected Cross-Site Scripting | Booster_for_woocommerce | 6.1 | ||
2022-01-03 | CVE-2021-25000 | The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_delete_role parameter before outputting back in the admin dashboard when the General module is enabled, leading to a Reflected Cross-Site Scripting issue | Booster_for_woocommerce | 6.1 | ||
2022-01-03 | CVE-2021-25001 | The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_create_products_xml_result parameter before outputting back in the admin dashboard when the Product XML Feeds module is enabled, leading to a Reflected Cross-Site Scripting issue | Booster_for_woocommerce | 6.1 | ||
2019-08-12 | CVE-2018-20966 | The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature. | Booster_for_woocommerce | 6.1 |