Booster

Booster For Woocommerce

37 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-52232

  • EPSS 0.16%
  • Veröffentlicht 09.06.2024 09:15:09
  • Zuletzt bearbeitet 21.11.2024 08:39:27

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2.

6.5

CVE-2023-52230

  • EPSS 0.39%
  • Veröffentlicht 09.06.2024 09:15:09
  • Zuletzt bearbeitet 21.11.2024 08:39:26

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.3.

6.5

CVE-2023-51511

  • EPSS 0.27%
  • Veröffentlicht 04.06.2024 13:15:49
  • Zuletzt bearbeitet 10.03.2025 18:41:56

Improper Authentication vulnerability in Pluggabl LLC Booster Elite for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.3.

8.8

CVE-2023-48747

  • EPSS 0.7%
  • Veröffentlicht 04.06.2024 11:15:50
  • Zuletzt bearbeitet 05.02.2025 15:36:48

Improper Authentication vulnerability in Pluggabl LLC Booster for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booster for WooCommerce: from n/a through 7.1.2.

7.3

CVE-2024-3957

  • EPSS 0.66%
  • Veröffentlicht 02.05.2024 17:15:32
  • Zuletzt bearbeitet 03.02.2025 20:04:49

The Booster for WooCommerce plugin is vulnerable to Unauthenticated Arbitrary Shortcode Execution in versions up to, and including, 7.1.8. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends ...

6.5

CVE-2023-52234

  • EPSS 0.58%
  • Veröffentlicht 28.03.2024 07:15:52
  • Zuletzt bearbeitet 10.03.2025 15:52:35

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Elite for WooCommerce.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.2.

6.5

CVE-2023-52231

  • EPSS 0.58%
  • Veröffentlicht 28.03.2024 07:15:52
  • Zuletzt bearbeitet 10.03.2025 15:54:41

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2.

6.1

CVE-2024-29760

  • EPSS 0.27%
  • Veröffentlicht 27.03.2024 14:15:11
  • Zuletzt bearbeitet 05.02.2025 15:41:03

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl LLC Booster for WooCommerce allows Reflected XSS.This issue affects Booster for WooCommerce: from n/a through 7.1.7.

8.8

CVE-2024-1986

  • EPSS 10.51%
  • Veröffentlicht 07.03.2024 21:15:08
  • Zuletzt bearbeitet 11.03.2025 16:40:10

The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wc_add_new_product() function in all versions up to, and including, 7.1.7. This makes it possible for customer-l...

5.4

CVE-2024-1534

  • EPSS 0.13%
  • Veröffentlicht 07.03.2024 10:15:06
  • Zuletzt bearbeitet 21.01.2025 17:00:58

The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 7.1.7 due to insufficient input sanitization and output escaping on user supplied attrib...