Description
WordPress Plugin Booster Elite for WooCommerce is prone to multiple cross-site request forgery vulnerabilities. Exploiting these issues may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Booster Elite for WooCommerce version 6.0.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 6.0.1 or latest
References
Related Vulnerabilities
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3433)
WordPress Plugin VK All in One Expansion Unit Cross-Site Scripting (9.85.0.1)
WordPress Plugin WP Flash Player Multiple Cross-Site Scripting Vulnerabilities (1.3)
WordPress 4.2.x Cross-Site Scripting Vulnerability (4.2 - 4.2.7)