Vulnerabilities > CVE-2023-52230 - Missing Authorization vulnerability in Booster for Woocommerce

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

booster

CWE-862

NVD

Published: 2024-06-09

Updated: 2024-07-22

Summary

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.3.

Vulnerable Configurations

Part	Description	Count
Application	Booster Booster Booster FOR Woocommerce - Booster Booster FOR Woocommerce 5.6.5 Booster Booster FOR Woocommerce 5.6.6 Booster Booster FOR Woocommerce 7.1.2 Booster Booster FOR Woocommerce 7.1.3	5

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://patchstack.com/database/vulnerability/booster-plus-for-woocommerce/wordpress-booster-plus-for-woocommerce-plugin-7-1-3-authenticated-arbitrary-wordpress-option-disclosure-vulnerability?_s_id=cve