The Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plus for WooCommerce WordPress plugin before 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not escape some URLs and parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/90d3022c-5d35-4ef2-ab87-6919268db890 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2022-12-26T12:28:11.362Z
Updated: 2023-01-10T09:11:07.085Z
Reserved: 2022-11-30T09:44:56.666Z
Link: CVE-2022-4227
JSON object: View
NVD Information
Status : Modified
Published: 2022-12-26T13:15:13.777
Modified: 2023-11-07T03:57:14.870
Link: CVE-2022-4227
JSON object: View
Redhat Information
No data.
CWE
No CWE.