Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
Booster
Booster For Woocommerce

booster for woocommerce Vulnerabilities: CVEs, CISA KEV & Security Advisories

37 CVEs

booster for woocommerce Vulnerabilities

CVE security advisories and vulnerability history for booster for woocommerce by booster.

37

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

6

Public exploits

With known exploit

6.8

Avg CVSS

2019–2025

Last updated November 13, 2025

Overview

booster for woocommerce has 37 published CVE records since 2019, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 6 have a known public exploit. The average CVSS base score across scored CVEs is 6.8.

This page aggregates every publicly disclosed vulnerability (CVE) affecting booster for woocommerce, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.

Severity and exploitation

How the CVSS severity of booster for woocommerce's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical1

High10

Medium22

Low0

4 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

0

None of booster for woocommerce's CVEs are currently listed in CISA's KEV catalog.

Public exploits

6

6 of booster for woocommerce's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every booster for woocommerce version named in a CVE, then pick one to see only the CVEs that affect it.

Fixed in

5.6.74 CVEs
7.2.54 CVEs
5.4.93 CVEs
7.1.23 CVEs
7.1.83 CVEs
1.1.72 CVEs
5.6.52 CVEs
7.1.32 CVEs
7.2.42 CVEs
1.1.81 CVE
3.8.01 CVE
5.6.31 CVE
5.6.61 CVE
6.0.11 CVE
7.1.11 CVE
7.1.71 CVE
7.1.91 CVE
7.2.61 CVE
7.4.01 CVE
7.5.01 CVE

Find a version

37 CVEs

Sort

WordPress Booster for WooCommerce plugin <= 7.3.2 - Cross Site Scripting (XSS) vulnerability
CVE-2025-64380
Patch
CWE-79
Medium · CVSS 6.5
EPSS 0.0% (9th pct)2025-11-13
WordPress Booster for WooCommerce plugin <= 7.4.0 - Broken Access Control vulnerability
CVE-2025-64379
Patch
CWE-862
Medium · CVSS 4.3
EPSS 0.0% (10th pct)2025-11-13
WordPress Booster for WooCommerce plugin <= 7.2.5 - Cross Site Scripting (XSS) vulnerability
CVE-2025-64196
Patch
CWE-79
High · CVSS 7.1
EPSS 0.0% (9th pct)2025-11-06
Booster for WooCommerce <= 7.2.4 - Unauthenticated Double Extension Arbitrary File Upload
CVE-2024-13342
Patch
CWE-434
High · CVSS 8.1
EPSS 0.6% (70th pct)2025-08-29
WordPress Booster Plus for WooCommerce plugin <= 7.2.4 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-39446
Patch
CWE-79
High · CVSS 7.1
EPSS 0.6% (68th pct)2025-05-19
High vulnerability · 2025-04-04
CVE-2024-13708
Patch
CWE-434
High · CVSS 7.2
EPSS 0.5% (65th pct)2025-04-04
High vulnerability · 2025-04-04
CVE-2024-13744
Patch
CWE-434
High · CVSS 8.1
EPSS 2.7% (86th pct)2025-04-04
Booster for WooCommerce <= 7.2.4 - Unauthenticated Stored Cross-Site Scripting
CVE-2024-12278
Patch
CWE-79
High · CVSS 7.2
EPSS 1.2% (80th pct)2025-04-01
Booster for WooCommerce <= 7.2.3 - Authenticated (ShopManager+) Stored Cross-Site Scripting via wcj_product_meta Shortcode
CVE-2024-9170
Patch
CWE-79
Medium · CVSS 5.5
EPSS 0.4% (59th pct)2024-11-26
Booster for WooCommerce <= 7.2.3 - Reflected Cross-Site Scripting
CVE-2024-9239
Patch
CWE-79
Medium · CVSS 6.1
EPSS 1.7% (83th pct)2024-11-20
WordPress Booster Plus for WooCommerce plugin < 7.1.3 - Authenticated Arbitrary WordPress Option Disclosure Vulnerability
CVE-2023-52230
Patch
CWE-862
Medium · CVSS 6.5
EPSS 0.5% (67th pct)2024-06-09
WordPress Booster Plus for WooCommerce plugin < 7.1.2 - Authenticated Arbitrary Post/Page Deletion Vulnerability
CVE-2023-52232
Patch
CWE-862
Medium · CVSS 6.5
EPSS 0.2% (36th pct)2024-06-09
WordPress Booster Elite for WooCommerce plugin < 7.1.3 - Authenticated Production Creation/Modification Vulnerability
CVE-2023-51511
Patch
CWE-287
Medium · CVSS 6.5
EPSS 0.3% (50th pct)2024-06-04
WordPress Booster for WooCommerce plugin <= 7.1.2 - Authenticated Production Creation/Modification Vulnerability
CVE-2023-48747
Patch
CWE-287
Medium · CVSS 6.5
EPSS 0.7% (72th pct)2024-06-04
Booster for WooCommerce <= 7.1.8 - Unauthenticated Arbitrary Shortcode Execution
CVE-2024-3957
Patch
CWE-94
Medium · CVSS 6.5
EPSS 0.7% (71th pct)2024-05-02
WordPress Booster Plus for WooCommerce plugin < 7.1.2 - Auth. Sensitive Data Exposure vulnerability
CVE-2023-52231
Patch
CWE-200
Medium · CVSS 6.5
EPSS 0.8% (74th pct)2024-03-28
WordPress Booster Elite for WooCommerce plugin < 7.1.2 - Auth. Sensitive Data Exposure vulnerability
CVE-2023-52234
Patch
CWE-200
Medium · CVSS 6.5
EPSS 0.8% (74th pct)2024-03-28
WordPress Booster for WooCommerce plugin <= 7.1.8 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-29760
Patch
CWE-79
High · CVSS 7.1
EPSS 0.3% (51th pct)2024-03-27
Elite Booster for WooCommerce <= 7.1.7 - Authenticated (Subscriber+) Arbitrary File Upload
CVE-2024-1986
Patch
CWE-434
High · CVSS 8.8
EPSS 10.5% (93th pct)2024-03-07
Booster for WooCommerce <= 7.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortocde
CVE-2024-1534
Patch
CWE-20
Medium · CVSS 6.4
EPSS 0.1% (32th pct)2024-03-07
Booster for WooCommerce <= 7.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-1054
Patch
CWE-79
Medium · CVSS 6.4
EPSS 0.2% (40th pct)2024-02-20
WordPress Booster for WooCommerce Plugin <= 7.1.1 is vulnerable to Sensitive Data Exposure
CVE-2023-48333
Patch
CWE-200
Medium · CVSS 6.5
EPSS 0.7% (72th pct)2023-11-30
WordPress Booster for WooCommerce Plugin <= 7.1.1 is vulnerable to Sensitive Data Exposure
CVE-2023-40002
Patch
CWE-200
Medium · CVSS 6.5
EPSS 0.3% (53th pct)2023-11-22
Booster for WooCommerce <= 7.1.0 - Authenticated (Subscriber+) Information Disclosure via Shortcode
CVE-2023-4796
Patch
CWE-200
Medium · CVSS 4.3
EPSS 0.2% (46th pct)2023-10-20
Booster for WooCommerce <= 7.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE-2023-5638
Patch
CWE-79
Medium · CVSS 6.4
EPSS 0.1% (26th pct)2023-10-19
Booster for WooCommerce <= 7.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE-2023-4945
Patch
CWE-79
Medium · CVSS 6.4
EPSS 0.1% (27th pct)2023-09-14
High vulnerability · 2023-01-23
CVE-2022-4017
Public exploit
Patch
High · CVSS 8.8
EPSS 0.2% (45th pct)2023-01-23
Medium vulnerability · 2022-12-26
CVE-2022-4227
Public exploit
Patch
Medium · CVSS 6.1
EPSS 0.2% (42th pct)2022-12-26
Medium vulnerability · 2022-12-12
CVE-2022-4016
Public exploit
Patch
Medium · CVSS 6.5
EPSS 0.3% (50th pct)2022-12-12
High vulnerability · 2022-11-21
CVE-2022-3763
Public exploit
Patch
High · CVSS 8.1
EPSS 0.2% (37th pct)2022-11-21

Showing 30 of 37

Common weakness types

The CWE weakness categories most often found in booster for woocommerce CVEs. Follow any weakness for its full explanation.

CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')13 CVEs
CWE-200Exposure of Sensitive Information to an Unauthorized Actor5 CVEs
CWE-434Unrestricted Upload of File with Dangerous Type4 CVEs
CWE-862Missing Authorization3 CVEs
CWE-287Improper Authentication2 CVEs
CWE-94Improper Control of Generation of Code ('Code Injection')1 CVE
CWE-290Authentication Bypass by Spoofing1 CVE
CWE-352Cross-Site Request Forgery (CSRF)1 CVE

Disclosure activity by year

How many booster for woocommerce CVEs were published each year.

2019

1

2021

1

2022

8

2023

6

2024

13

2025

8

Other booster products

Browse vulnerabilities for other products by booster.

Booster Elite for WooCommerce2 CVEs Booster Plus for WooCommerce2 CVEs booster elite woocommerce1 CVEs booster_for_woocommerce1 CVEs booster plus woocommerce1 CVEs

All booster vulnerabilities

Frequently asked questions

Common questions about booster for woocommerce vulnerabilities.

How many CVEs does booster booster for woocommerce have?

booster booster for woocommerce has 37 published CVE records since 2019.

How many booster booster for woocommerce CVEs are in CISA KEV?

None of booster booster for woocommerce's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for booster booster for woocommerce vulnerabilities?

Yes — 6 of booster booster for woocommerce's CVEs have a known public exploit.

Which versions of booster booster for woocommerce are affected?

20 distinct booster booster for woocommerce versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in booster booster for woocommerce CVEs?

booster booster for woocommerce's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-434 (Unrestricted Upload of File with Dangerous Type), CWE-862 (Missing Authorization).

How many critical booster booster for woocommerce vulnerabilities are there?

booster booster for woocommerce has 1 critical and 10 high-severity CVEs.

What is the average severity of booster booster for woocommerce CVEs?

The average CVSS base score across booster booster for woocommerce's scored CVEs is 6.8.

References

All booster vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track booster for woocommerce vulnerabilities

Monitor new booster for woocommerce vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Disclosure activity
Other products
FAQ
References