woocommerce-jetpack
by Booster
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-4945 | Med | 0.35 | 6.4 | 0.00 | Sep 14, 2023 | The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in versions up to, and including, 7.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for… | ||
| CVE-2025-64379 | 0.00 | — | 0.00 | Nov 13, 2025 | Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through <= 7.4.0. | |||
| CVE-2025-64196 | 0.00 | — | 0.00 | Nov 6, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Reflected XSS.This issue affects Booster for WooCommerce: from n/a through <= 7.2.5. | |||
| CVE-2018-20966 | 0.00 | — | 0.02 | Aug 12, 2019 | The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature. |
- risk 0.35cvss 6.4epss 0.00
The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in versions up to, and including, 7.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for…
- CVE-2025-64379Nov 13, 2025risk 0.00cvss —epss 0.00
Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through <= 7.4.0.
- CVE-2025-64196Nov 6, 2025risk 0.00cvss —epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Reflected XSS.This issue affects Booster for WooCommerce: from n/a through <= 7.2.5.
- CVE-2018-20966Aug 12, 2019risk 0.00cvss —epss 0.02
The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature.