WordPress Booster for WooCommerce plugin < 7.11.3 - Broken Access Control vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Broken Access Control
- Score:
- 5.3
References
PatchStack
CVE
Timeline
- Publicly Published
- 2026-03-17
- Created
- 2026-03-17
WordPress Booster for WooCommerce plugin <= 7.4.0 - Broken Access Control vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Broken Access Control
- Score:
- 4.3
References
PatchStack
CVE
Timeline
- Publicly Published
- 2025-10-30
- Created
- 2025-11-13
WordPress Booster for WooCommerce plugin <= 7.3.2 - Cross Site Scripting (XSS) vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 6.5
References
PatchStack
CVE
Timeline
- Publicly Published
- 2025-10-18
- Created
- 2025-11-13
WordPress Booster for WooCommerce plugin <= 7.2.5 - Cross Site Scripting (XSS) vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 7.1
References
PatchStack
CVE
Timeline
- Publicly Published
- 2025-04-22
- Created
- 2025-11-03
WordPress Booster for WooCommerce plugin <= 7.2.4 - Unauthenticated Double Extension Arbitrary File Upload vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Arbitrary File Upload
- Score:
- 8.1
References
PatchStack
CVE
Timeline
- Publicly Published
- 2025-08-29
- Created
- 2025-08-29
WordPress Booster for WooCommerce plugin 4.0.1-7.2.4 - Unauthenticated Stored Cross-Site Scripting vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 7.1
References
PatchStack
CVE
Timeline
- Publicly Published
- 2025-04-03
- Created
- 2025-04-03
WordPress Booster for WooCommerce plugin 4.0.1-7.2.4 - Unauthenticated Arbitrary File Upload vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Arbitrary File Upload
- Score:
- 8.1
References
PatchStack
CVE
Timeline
- Publicly Published
- 2025-04-03
- Created
- 2025-04-03
WordPress Booster for WooCommerce plugin <= 7.2.4 - Unauthenticated Stored Cross-Site Scripting vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 7.1
References
PatchStack
CVE
Timeline
- Publicly Published
- 2025-03-31
- Created
- 2025-03-31
WordPress Booster for WooCommerce plugin <= 7.2.3 - Authenticated (ShopManager+) Stored Cross-Site Scripting via wcj_product_meta Shortcode vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 5.9
WordPress Booster for WooCommerce plugin <= 7.2.3 - Reflected Cross-Site Scripting vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 7.1
WordPress Booster for WooCommerce plugin <= 7.1.8 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Broken Access Control
- Score:
- 5.3
WordPress Booster for WooCommerce plugin <= 7.1.7 - Reflected Cross Site Scripting (XSS) vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 7.1
References
PatchStack
CVE
Timeline
- Publicly Published
- 2024-03-25
- Created
- 2024-03-25
WordPress Booster for WooCommerce plugin <= 7.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortocde vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 6.5
WordPress Booster for WooCommerce plugin <= 7.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 6.5
WordPress Booster for WooCommerce plugin <= 7.1.2 - Authenticated Production Creation/Modification Vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Content Injection
- Score:
- 6.5
References
PatchStack
CVE
Timeline
- Publicly Published
- 2023-11-24
- Created
- 2023-11-24
WordPress Booster for WooCommerce plugin <= 7.1.1 - Auth. Arbitrary Order Information Disclosure Vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Sensitive Data Exposure
- Score:
- 6.5
References
PatchStack
CVE
Timeline
- Publicly Published
- 2023-11-24
- Created
- 2023-11-24
Wordpress Booster for WooCommerce plugin <= 7.1.2 - Auth. Stored Cross-Site Scripting (XSS) vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 6.4
WordPress Booster for WooCommerce plugin <= 7.1.1 - Authenticated Arbitrary WordPress Option Disclosure Vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Sensitive Data Exposure
- Score:
- 6.5
References
PatchStack
CVE
Timeline
- Publicly Published
- 2023-10-04
- Created
- 2023-10-04
Wordpress Booster for WooCommerce plugin <= 7.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 6.5
Wordpress Booster for WooCommerce plugin <= 7.1.0 - Authenticated (Subscriber+) Information Disclosure via Shortcode vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Sensitive Data Exposure
- Score:
- 4.3
Wordpress Booster for Woocommerce plugin <= 7.0.0 - Shop Manager+ Arbitrary Option Update vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Broken Access Control
- Score:
- 7.2
References
PatchStack
Timeline
- Publicly Published
- 2023-08-01
- Created
- 2023-08-09
Wordpress Booster for Woocommerce plugin < 6.0.1 - Multiple CSRF vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Request Forgery (CSRF)
- Score:
- 4.3
WordPress Booster for WooCommerce plugin <= 5.6.6 - Cross-Site Request Forgery (CSRF) vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Request Forgery (CSRF)
- Score:
- 5.4
WordPress Booster for WooCommerce plugin <= 5.6.6 - Auth. Arbitrary File Download vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Arbitrary File Download
- Score:
- 4.9
WordPress Booster for WooCommerce plugin <= 5.6.6 - Cross-Site Request Forgery (CSRF) vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Request Forgery (CSRF)
- Score:
- 5.4
WordPress Booster for WooCommerce plugin <= 5.6.6 - Cross-Site Request Forgery (CSRF) vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Request Forgery (CSRF)
- Score:
- 5.4
References
PatchStack
CVE
Timeline
- Publicly Published
- 2022-10-28
- Created
- 2022-11-28
WordPress Booster for WooCommerce plugin <= 5.6.2 - Authenticated Order Status Update vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Insecure Direct Object References (IDOR)
- Score:
- 5.3
References
PatchStack
Timeline
- Publicly Published
- 2022-09-19
- Created
- 2022-09-19