CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4796 – Booster for WooCommerce <= 7.1.0 - Authenticated (Subscriber+) Information Disclosure via Shortcode
https://notcve.org/view.php?id=CVE-2023-4796
The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcj_wp_option' shortcode in versions up to, and including, 7.1.0 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for authenticated attackers, with subscriber-level capabilities or above, to retrieve arbitrary sensitive site options. El Booster for WooCommerce para WordPress es vulnerable a la divulgación de información a través del shortcode 'wcj_wp_option' en versiones hasta la 7.1.0 incluida debido a controles insuficientes sobre la información recuperable a través del shortcode. Esto hace posible que atacantes autenticados, con capacidades de nivel de suscriptor o superior, recuperen opciones confidenciales arbitrarias del sitio. • https://plugins.trac.wordpress.org/browser/woocommerce-jetpack/tags/7.1.0/includes/shortcodes/class-wcj-general-shortcodes.php#L450 https://plugins.trac.wordpress.org/changeset/2966325/woocommerce-jetpack#file1 https://www.wordfence.com/threat-intel/vulnerabilities/id/a4cd49b2-ff93-4582-906b-b690d8472c38?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38480 – Booster Elementor Addons <= 1.4.9 - Missing Authorization
https://notcve.org/view.php?id=CVE-2023-38480
The Booster Elementor Addons plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on several functions called via nopriv AJAX actions in the ~/base/core/ajax_handler.php file in versions up to, and including, 1.4.9. This makes it possible for unauthenticated attackers to perform a variety of actions such as load the icon chooser and save active widgets and extensions. • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-4017 – Booster for WooCommerce - Multiple CSRF
https://notcve.org/view.php?id=CVE-2022-4017
The Booster for WooCommerce WordPress plugin before 6.0.1, Booster Plus for WooCommerce WordPress plugin before 6.0.1, Booster Elite for WooCommerce WordPress plugin before 6.0.1 have either flawed CSRF checks or are missing them completely in numerous places, allowing attackers to make logged in users perform unwanted actions via CSRF attacks Las versiones del complemento Booster para WooCommerce de WordPress anteriores a la versión 6.0.1, así como las versiones anteriores a la 6.0.1 del complemento Booster Plus para WooCommerce y también las anteriores a la 6.0.1 del complemento Booster Elite para WooCommerce tienen comprobaciones CSRF defectuosas o faltan por completo en numerosos lugares, lo que permite a los atacantes engañar a los usuarios registrados para que lleven a cabo acciones no deseadas a través de ataques CSRF. The Booster plugins (Booster, Booster Plus, and Booster Elite) for WordPress are vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.0.0 (Booster), 6.0.0 (Plus), and 6.0.0 (Elite). This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers to invoke those functions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/609072d0-9bb9-4fe0-9626-7e4a334ca3a4 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 1CVE-2022-4227 – Booster for WooCommerce - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-4227
The Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plus for WooCommerce WordPress plugin before 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not escape some URLs and parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting El complemento Booster para WooCommerce de WordPress anterior a 5.6.3, el complemento de WordPress Booster Plus para WooCommerce anterior a 6.0.0 y el complemento de WordPress Booster Elite para WooCommerce anterior a 6.0.0 no escapan de algunas URL y parámetros antes de devolverlos en atributos, lo que lleva a Cross-Site Scripting Reflejado The Booster plugins (Booster, Booster Plus, and Booster Elite) for WordPress are vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 5.6.2 (Booster), as well as versions below 6.0.0 (Plus and Elite). This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/90d3022c-5d35-4ef2-ab87-6919268db890 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-4016 – Booster for WooCommerce - Custom Role Creation/Deletion via CSRF
https://notcve.org/view.php?id=CVE-2022-4016
The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.6, Booster Elite for WooCommerce WordPress plugin before 1.1.8 does not properly check for CSRF when creating and deleting Customer roles, allowing attackers to make logged admins create and delete arbitrary custom roles via CSRF attacks Booster for WooCommerce complemento para WordPress anterior a 5.6.7, Booster Plus for WooCommerce complemento para WordPress anterior a 5.6.6, Booster Elite for WooCommerce complemento para WordPress anterior a 1.1.8 no verifican correctamente si hay CSRF al crear y eliminar roles de Customer, lo que permite a los atacantes iniciar sesión Los administradores crean y eliminan roles personalizados arbitrarios mediante ataques CSRF. The Booster plugins (Booster, Booster Plus, and Booster Elite) for WordPress are vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.6.6 (Booster), 5.6.5 (Plus), and 1.1.7 (Elite). This is due to missing or incorrect nonce validation on functions such as 'process_actions' and 'get_delete_all_custom_statuses_button'. This makes it possible for unauthenticated attackers to create and delete arbitrary custom roles via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/9b77044c-fd3f-4e6f-a759-dcc3082dcbd6 • CWE-352: Cross-Site Request Forgery (CSRF) •