Vulnerabilities > Woostify
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-4788 | Missing Authorization vulnerability in Woostify Boostify Header Footer Builder for Elementor The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the create_bhf_post function in all versions up to, and including, 1.3.3. | 4.3 |
| 2024-06-05 | CVE-2024-5006 | Cross-site Scripting vulnerability in Woostify Boostify Header Footer Builder for Elementor The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. | 5.4 |