Cross-Site Scripting Vulnerability in WooCommerce Plugin by WordPress
CVE-2025-64380
Currently unrated
What is CVE-2025-64380?
A Cross-Site Scripting (XSS) vulnerability exists in the Booster for WooCommerce plugin for WordPress, allowing attackers to inject malicious scripts into web pages. This vulnerability affects versions of the plugin up to 7.3.2, enabling stored XSS attacks that could compromise user data and web security. Users are advised to update to the latest version of the plugin to mitigate potential risks.
Affected Version(s)
Booster for WooCommerce <= n/a