Booster for WooCommerce, 8c0fa2c4ae5405ae42155be28ce46042994b9952

CVE, Research URL: 8c0fa2c4ae5405ae42155be28ce46042994b9952
Home page URL: Security reports for Booster for WooCommerce
Application: Booster for WooCommerce
Published on: Jul 04, 2022
Research Description: Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools [woocommerce-jetpack] < 5.6.0 Booster for WooCommerce <= 5.5.9 - Reflected Cross-Site Scripting The Booster for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 5.5.9 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions: max 5.6.0.
Status: vulnerable