Booster

Booster For Woocommerce

37 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-1054

  • EPSS 0.15%
  • Veröffentlicht 29.02.2024 01:43:38
  • Zuletzt bearbeitet 05.02.2025 16:41:16

The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wcj_product_barcode' shortcode in all versions up to, and including, 7.1.6 due to insufficient input sanitization and output escaping on...

6.5

CVE-2023-48333

  • EPSS 0.68%
  • Veröffentlicht 30.11.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:31:30

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pluggabl LLC Booster for WooCommerce.This issue affects Booster for WooCommerce: from n/a through 7.1.1.

6.5

CVE-2023-40002

  • EPSS 0.29%
  • Veröffentlicht 23.11.2023 00:15:08
  • Zuletzt bearbeitet 21.11.2024 08:18:30

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pluggabl LLC Booster for WooCommerce plugin <= 7.1.1 versions.

4.3

CVE-2023-4796

Exploit
  • EPSS 0.23%
  • Veröffentlicht 20.10.2023 08:15:12
  • Zuletzt bearbeitet 21.11.2024 08:35:59

The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcj_wp_option' shortcode in versions up to, and including, 7.1.0 due to insufficient controls on the information retrievable via the shortcode. This makes it p...

5.4

CVE-2023-5638

  • EPSS 0.09%
  • Veröffentlicht 19.10.2023 02:15:07
  • Zuletzt bearbeitet 21.11.2024 08:42:10

The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wcj_image' shortcode in versions up to, and including, 7.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. Th...

5.4

CVE-2023-4945

  • EPSS 0.1%
  • Veröffentlicht 14.09.2023 03:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:19

The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in versions up to, and including, 7.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This...

8.8

CVE-2022-4017

  • EPSS 0.23%
  • Veröffentlicht 23.01.2023 15:15:14
  • Zuletzt bearbeitet 02.04.2025 16:15:23

The Booster for WooCommerce WordPress plugin before 6.0.1, Booster Plus for WooCommerce WordPress plugin before 6.0.1, Booster Elite for WooCommerce WordPress plugin before 6.0.1 have either flawed CSRF checks or are missing them completely in numero...

6.1

CVE-2022-4227

  • EPSS 0.2%
  • Veröffentlicht 26.12.2022 13:15:13
  • Zuletzt bearbeitet 14.04.2025 14:15:22

The Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plus for WooCommerce WordPress plugin before 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not escape some URLs and parameters before outputting them back in a...

6.5

CVE-2022-4016

Exploit
  • EPSS 0.27%
  • Veröffentlicht 12.12.2022 18:15:13
  • Zuletzt bearbeitet 22.04.2025 15:16:08

The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.6, Booster Elite for WooCommerce WordPress plugin before 1.1.8 does not properly check for CSRF when creating and deleting Customer ro...

8.1

CVE-2022-3763

Exploit
  • EPSS 0.15%
  • Veröffentlicht 21.11.2022 11:15:21
  • Zuletzt bearbeitet 30.04.2025 16:15:25

The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.5, Booster Elite for WooCommerce WordPress plugin before 1.1.7 do not have CSRF check in place when deleting files uploaded at the che...