cleantalk
Vulnerabilities and Security Researches

Booster for WooCommerce, CVE-2025-64380

CVE, Research URL

CVE-2025-64380

Home page URL

Security reports for Booster for WooCommerce

Application

Booster for WooCommerce

Published on
Nov 13, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Stored XSS.This issue affects Booster for WooCommerce: from n/a through <= 7.3.2.
Affected versions
max 7.4.0.
Status
vulnerable
Previous vulnerability researches
Advanced Flamingo (CVE-2023-52226) , Jun 07, 2024
New vulnerability
School Management System – WPSchoolPress (CVE-2025-11981) , Dec 11, 2025
Booking System for Your WordPress Appointments &#8211; Time Slot (CVE-2025-12842) , Dec 11, 2025
WooCommerce PDF Invoice Builder, Create invoices, packing slips and more (CVE-2025-64269) , Dec 11, 2025
WP Gravity Forms FreshDesk Plugin (CVE-2025-67587) , Dec 11, 2025
Everest Backup &#8211; WordPress Cloud Backup, Migration, Restore &amp; Cloning Plugin (CVE-2025-10304) , Dec 11, 2025