Vulnerability Database

318,003

Total vulnerabilities in the database

CVE-2022-3763

The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.5, Booster Elite for WooCommerce WordPress plugin before 1.1.7 do not have CSRF check in place when deleting files uploaded at the checkout, allowing attackers to make a logged in shop manager or admin delete them via a CSRF attack

Published: Nov 21, 2022
Updated: Nov 16, 2025
CVE: CVE-2022-3763
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.1
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
booster / booster_for_woocommerce	-	5.6.7
booster / booster_for_woocommerce	-	1.1.7
booster / booster_for_woocommerce	-	5.6.5

https://wpscan.com/vulnerability/7ab15530-8321-487d-97a5-1469b51fcc3f

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo