WordPress Plugin Vulnerabilities

Booster for WooCommerce - Reflected Cross-Site Scripting

The plugins do not escape some URLs and parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting

Fixed in version 5.6.3

Fixed in version 6.0.0

Fixed in version 6.0.0

CVE

Type

XSS

OWASP top 10

CWE

Original Researcher

WPScan

Verified

Yes

WPVDB ID

Publicly Published

2022-12-05 (about 1 months ago)

Added

2022-12-05 (about 1 months ago)

Last Updated

2022-12-05 (about 1 months ago)