PT-2025-45333 · Pluggabl+2 · Booster For Woocommerce+2
Published
2025-11-06
·
Updated
2025-11-06
·
CVE-2025-64196
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Pluggabl Booster for WooCommerce versions through 7.2.5
Description
The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting (XSS) condition. This allows for the execution of malicious scripts within the context of a user's browser. The issue impacts the way user-supplied data is processed and displayed on web pages. The vulnerable component is Pluggabl Booster for WooCommerce woocommerce-jetpack.
Recommendations
Update Pluggabl Booster for WooCommerce to a version later than 7.2.5.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Booster For Woocommerce
Booster Plus For Woocommerce
Woocommerce-Jetpack