Product:

Booster_for_woocommerce

(Booster)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 16
Date Id Summary Products Score Patch Annotated
2022-11-18 CVE-2022-41805 Cross-Site Request Forgery (CSRF) vulnerability in Booster for WooCommerce plugin <= 5.6.6 on WordPress. Booster_for_woocommerce 4.3
2021-08-30 CVE-2021-34646 Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. This allows attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged... Booster_for_woocommerce 9.8
2022-01-03 CVE-2021-24999 The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_notice parameter before outputting it back in the admin dashboard when the Pdf Invoicing module is enabled, leading to a Reflected Cross-Site Scripting Booster_for_woocommerce 6.1
2022-01-03 CVE-2021-25000 The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_delete_role parameter before outputting back in the admin dashboard when the General module is enabled, leading to a Reflected Cross-Site Scripting issue Booster_for_woocommerce 6.1
2022-01-03 CVE-2021-25001 The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_create_products_xml_result parameter before outputting back in the admin dashboard when the Product XML Feeds module is enabled, leading to a Reflected Cross-Site Scripting issue Booster_for_woocommerce 6.1
2019-08-12 CVE-2018-20966 The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature. Booster_for_woocommerce 6.1