VYPR

woocommerce-jetpack

by Booster

CVEs (4)

  • CVE-2023-4945MedSep 14, 2023
    risk 0.35cvss 6.4epss 0.00

    The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in versions up to, and including, 7.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for…

  • CVE-2025-64379Nov 13, 2025
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through <= 7.4.0.

  • CVE-2025-64196Nov 6, 2025
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Reflected XSS.This issue affects Booster for WooCommerce: from n/a through <= 7.2.5.

  • CVE-2018-20966Aug 12, 2019
    risk 0.00cvss epss 0.02

    The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature.