Booster for WooCommerce, CVE-2021-25000

CVE, Research URL: CVE-2021-25000
Home page URL: Security reports for Booster for WooCommerce
Application: Booster for WooCommerce
Published on: Jan 03, 2022
Research Description: The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_delete_role parameter before outputting back in the admin dashboard when the General module is enabled, leading to a Reflected Cross-Site Scripting issue
Affected versions: Min -, max 5.4.9.
Status: vulnerable