Medium 5.3
2026-03-17< 7.11.3
CVE-2026-32586
Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools
Minimum safe version
7.11.3
Update to 7.11.3 or later to address 46 fixable vulnerabilities
Latest available8.0.0 ✓
Medium 4.3
2025-11-13< 7.5.0
CVE-2025-64379
Medium 6.5
2025-11-13< 7.4.0
CVE-2025-64380
High 7.1
2025-11-06< 7.2.6
CVE-2025-64196
High 8.1
2025-08-29< 7.2.5
CVE-2024-13342
High 7.2
2025-04-04< 7.2.5
CVE-2024-13708
Critical 9.8
2025-04-04< 7.2.5
CVE-2024-13744
High 7.2
2025-04-01< 7.2.6
CVE-2024-12278
Medium 4.8
2024-11-26< 7.2.4
CVE-2024-9170
Medium 6.1
2024-11-20< 7.2.4
CVE-2024-9239
High 7.3
2024-05-02< 7.1.9
CVE-2024-3957
High 7.1
2024-03-27< 7.1.8
CVE-2024-29760
Medium 5.4
2024-03-07< 7.1.8
CVE-2024-1534
High 8.8
2024-03-07< 7.1.8
CVE-2024-1986
Medium 5.4
2024-02-20< 7.1.7
CVE-2024-1054
Medium 6.5
2024-06-04< 7.1.3
CVE-2023-48747
Medium 6.5
2023-11-30< 7.1.2
CVE-2023-48333
Medium 5.4
2023-10-19< 7.1.3
CVE-2023-5638
Medium 6.5
2023-11-22< 7.1.2
CVE-2023-40002
N/A
2023-10-04< 7.1.2
Booster for WooCommerce <= 7.1.1 - Authenticated (Subscriber+) Information Disclosure via Shortcode
N/A
< 7.1.0
Booster for WooCommerce < 7.1.0 - Shop Manager+ Missing Authorization to Arbitrary Options Update
Medium 5.4
2023-09-14< 7.1.1
CVE-2023-4945
Medium 4.3
2023-10-20< 7.1.1
CVE-2023-4796
N/A
< 5.6.2
Booster for WooCommerce < 5.6.2 - Reflected Cross-Site Scripting
N/A
< 5.6.3
Booster for WooCommerce (Free < 5.6.3, Premium < 5.6.1) - Subscriber+ Order Status Update
High 8.8
2023-01-23< 6.0.1
CVE-2022-4017
N/A
2023-08-01< 7.1.0
Booster for WooCommerce 7.0.0 - Authenticated (Shop Manager+) Missing Authorization to Arbitrary Options Update
N/A
2023-08-01< 7.1.0
WordPress Booster for WooCommerce Plugin <= 7.0.0 is vulnerable to Broken Access Control
N/A
2022-05-31< 5.5.9
Booster for WooCommerce <= 5.5.8 - Reflected Cross-Site Scripting
N/A
2022-07-04< 5.6.0
Booster for WooCommerce <= 5.5.9 - Reflected Cross-Site Scripting
N/A
2022-07-27< 5.6.2
Booster for WooCommerce <= 5.6.1 - Cross-Site Request Forgery
N/A
2022-09-19< 5.6.3
Booster for WooCommerce (Free <= 5.6.2 and Premium <= 5.6.0) - Authenticated (Subscriber+) Order Modification
N/A
2022-11-30< 6.0.0
Booster for WooCommerce <= 5.6.8 - Cross-Site Request Forgery
Medium 6.1
2022-12-26< 5.6.3
CVE-2022-4227
Medium 6.5
2023-11-21< 5.6.7
WordPress Booster for WooCommerce Plugin <= 5.6.6 is vulnerable to Cross Site Request Forgery (CSRF)
Medium 6.5
2022-11-21< 5.6.7
CVE-2022-3762
High 8.1
2022-11-21< 5.6.7
CVE-2022-3763
Medium 5.4
2022-11-18< 5.6.7
CVE-2022-41805
N/A
2022-09-19< 5.6.3
WordPress Booster for WooCommerce plugin <= 5.6.2 - Authenticated Order Status Update vulnerability
N/A
2022-09-19< 5.6.3
WordPress Booster Plus for WooCommerce premium plugin <= 5.6.0 - Authenticated Order Status Update vulnerability
N/A
2022-07-04< 5.6.0
WordPress Booster for WooCommerce plugin <= 5.5.9 - Reflected Cross-Site Scripting (XSS) vulnerability
Medium 6.1
2019-08-12< 3.8.0
CVE-2018-20966
Critical 9.8
2021-08-30< 5.4.4
CVE-2021-34646
Medium 6.1
2022-01-03< 5.4.9
CVE-2021-25001
Medium 6.1
2022-01-03< 5.4.9
CVE-2021-25000
Medium 6.1
2022-01-03< 5.4.9
CVE-2021-24999