Title: Vulnerability Last modified: April 1, 2025 --- # Vulnerability * Resolved [kds26](https://wordpress.org/support/users/kds26/) * (@kds26) * [1 year, 1 month ago](https://wordpress.org/support/topic/vulnerability-124/) * Hi, * Wordfence is showing a vulnerability for this plugin. It says it has been patched in version 7.2.6 but I cannot see this version available. Can you please let me know when I will be able to update to this version. Thank you. * [https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woocommerce-jetpack/booster-for-woocommerce-725-unauthenticated-stored-cross-site-scripting](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woocommerce-jetpack/booster-for-woocommerce-725-unauthenticated-stored-cross-site-scripting) Viewing 8 replies - 1 through 8 (of 8 total) * [mikepeace](https://wordpress.org/support/users/mikepeace/) * (@mikepeace) * [1 year, 1 month ago](https://wordpress.org/support/topic/vulnerability-124/#post-18394580) * Where can I download the code fix for the vulenerability? * [mojojojomo](https://wordpress.org/support/users/mojojojomo/) * (@mojojojomo) * [1 year, 1 month ago](https://wordpress.org/support/topic/vulnerability-124/#post-18394835) * Update? Whats going on? * [David G?](https://wordpress.org/support/users/gravid7/) * [meerow](https://wordpress.org/support/users/meerow/) * (@meerow) * [1 year, 1 month ago](https://wordpress.org/support/topic/vulnerability-124/#post-18395914) * An update on this topic would be much appreciated * [letitia1111](https://wordpress.org/support/users/letitia1111/) * (@letitia1111) * [1 year, 1 month ago](https://wordpress.org/support/topic/vulnerability-124/#post-18397161) * An update please. * Plugin Contributor [David G](https://wordpress.org/support/users/gravid7/) * (@gravid7) * [1 year ago](https://wordpress.org/support/topic/vulnerability-124/#post-18406953) * Hello [@kds26](https://wordpress.org/support/users/kds26/), * We’ve addressed and resolved the issue in the latest Booster version 7.2.5. The vulnerability was identified in older versions, but it has been fully patched in the new release. * You can view the patch status here: * [https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woocommerce-jetpack/](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woocommerce-jetpack/) * [dooza](https://wordpress.org/support/users/dooza/) * (@dooza) * [1 year ago](https://wordpress.org/support/topic/vulnerability-124/#post-18415190) * Hi [@gravid7](https://wordpress.org/support/users/gravid7/) Patchstack still thinks you have a security issue: [https://patchstack.com/database/wordpress/plugin/woocommerce-jetpack/vulnerability/wordpress-booster-for-woocommerce-plugin-7-2-5-unauthenticated-stored-cross-site-scripting-vulnerability?_a_id=431](https://patchstack.com/database/wordpress/plugin/woocommerce-jetpack/vulnerability/wordpress-booster-for-woocommerce-plugin-7-2-5-unauthenticated-stored-cross-site-scripting-vulnerability?_a_id=431) * It seems the WordFence thinks CVE-2024-12278 affects 7.2.4 and below and is patched, but this [https://www.cve.org/CVERecord?id=CVE-2024-12278](https://www.cve.org/CVERecord?id=CVE-2024-12278) thinks its 7.2.5 and below. * It’s great that it’s patched and is secure, just slightly frustrating that I get twice daily alerts saying it’s not. * [dooza](https://wordpress.org/support/users/dooza/) * (@dooza) * [1 year ago](https://wordpress.org/support/topic/vulnerability-124/#post-18415328) * Hi [@gravid7](https://wordpress.org/support/users/gravid7/) , just to let you know I spoke to Patchstack and they have updated their system so the alerts will go away now. * Plugin Contributor [David G](https://wordpress.org/support/users/gravid7/) * (@gravid7) * [1 year ago](https://wordpress.org/support/topic/vulnerability-124/#post-18425159) * Hello [@dooza](https://wordpress.org/support/users/dooza/), The above security path has already been applied in the recent version. Can you please upgrade and check?You can have at the complete list of security fixes here: [https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woocommerce-jetpack](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woocommerce-jetpack) Viewing 8 replies - 1 through 8 (of 8 total) The topic ‘Vulnerability’ is closed to new replies. * ![](https://ps.w.org/woocommerce-jetpack/assets/icon-256x256.png?rev=3351194) * [Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools](https://wordpress.org/plugins/woocommerce-jetpack/) * [Frequently Asked Questions](https://wordpress.org/plugins/woocommerce-jetpack/#faq) * [Support Threads](https://wordpress.org/support/plugin/woocommerce-jetpack/) * [Active Topics](https://wordpress.org/support/plugin/woocommerce-jetpack/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/woocommerce-jetpack/unresolved/) * [Reviews](https://wordpress.org/support/plugin/woocommerce-jetpack/reviews/) * 11 replies * 7 participants * Last reply from: [David G](https://wordpress.org/support/users/gravid7/) * Last activity: [1 year ago](https://wordpress.org/support/topic/vulnerability-124/#post-18425159) * Status: resolved