Booster Plus For Woocommerce vulnerabilities

2 known vulnerabilities affecting booster/booster_plus_for_woocommerce.

Total CVEs

2

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

MEDIUM2

Vulnerabilities

Page 1 of 1

CVE-2023-52231MEDIUMCVSS 6.5≥ n/a, < 7.1.22024-03-28

CVE-2023-52231 [MEDIUM] CWE-200 CVE-2023-52231: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Plus for Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2.

CVE-2022-4227MEDIUMCVSS 6.1fixed in 6.0.02022-12-26

CVE-2022-4227 [MEDIUM] CWE-79 CVE-2022-4227: The Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plus for WooCommerce WordPress pl The Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plus for WooCommerce WordPress plugin before 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not escape some URLs and parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting