Booster Extension Security & Risk Analysis

wordpress.org/plugins/booster-extension

Booster Extension is a free WordPress plugin that supercharges your site with awesome powerful features. There’re numerous plugins in the official Wor …

8K active installs · v1.2.2 · PHP 5.5+ · WP 4.5+ · Updated Apr 26, 2024
Tags: post-like-and-dislike, post-reactions, read-time, share-count, social-share
Score: 91 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Apr 29, 2024
Safety Verdict

Is Booster Extension Safe to Use in 2026?

Generally Safe

Score 91/100

Booster Extension has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Apr 29, 2024 · Updated 1yr ago
Risk Assessment

The "booster-extension" v1.2.2 plugin exhibits a generally strong security posture, with a high percentage of properly escaped outputs and the exclusive use of prepared statements for SQL queries. The absence of direct file operations and dangerous functions is also a positive indicator. However, there are some areas for improvement and potential concern. While all identified AJAX handlers and REST API routes have authorization checks, the presence of 6 AJAX handlers and 8 shortcodes contributes to a moderate attack surface. The taint analysis revealing one flow with an unsanitized path, even without critical or high severity, warrants attention as it could potentially be exploited under specific conditions.

The vulnerability history, showing one past medium-severity CVE related to Missing Authorization, is a significant point of concern. Although currently patched, this history suggests a recurring pattern of authorization weaknesses. The fact that this was a recent vulnerability (April 2024) and is marked as patched could indicate that the developers are responsive to security issues but also that such vulnerabilities can emerge. The absence of any currently unpatched vulnerabilities is a positive, but the past pattern highlights the need for continued vigilance and thorough security reviews.

In conclusion, "booster-extension" v1.2.2 demonstrates good development practices in key areas like SQL and output handling. The developers seem to address identified vulnerabilities. Nevertheless, the attack surface, while protected, is not negligible, and the historical pattern of authorization flaws, even if resolved, suggests a need for ongoing robust security testing and code review. The taint analysis also points to a potential for subtle vulnerabilities that might not be immediately apparent.

Key Concerns

  • Past medium CVE (Missing Authorization)
  • Taint flow with unsanitized path
  • Moderate attack surface (AJAX + shortcodes)
Vulnerabilities
1

Booster Extension Security Vulnerabilities

CVEs by Year

2024: 1 CVE

Severity Breakdown

Medium: 1

1 total CVE

CVE-2024-2109 · medium · 5.3 · Missing Authorization

Booster Extension <= 1.2.0 - Basic Information Exposure via booster_extension_authorbox_shortcode_display

Apr 29, 2024 Patched in 1.2.1 (33d)
Code Analysis
Analyzed Mar 16, 2026

Booster Extension Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 19 (772 escaped)
Nonce Checks: 6
Capability Checks: 3
File Operations: 0
External Requests: 6
Bundled Libraries: 0

Output Escaping

98% escaped · 791 total outputs
Data Flows: 1 unsanitized

Data Flow Analysis

2 flows · 1 with unsanitized paths
<author-box-shortcode> (inc\frontend\author-box-shortcode.php:0)
Attack Surface

Booster Extension Attack Surface

Entry Points: 14
Unprotected: 0

AJAX Handlers 6

auth · wp_ajax_booster_extension_like_dislike · inc\backend\twp-be-like-dislike.php:10
nopriv · wp_ajax_booster_extension_like_dislike · inc\backend\twp-be-like-dislike.php:11
auth · wp_ajax_booster_extension_post_react · inc\backend\twp-be-post-reactions.php:10
nopriv · wp_ajax_booster_extension_post_react · inc\backend\twp-be-post-reactions.php:11
auth · wp_ajax_booster_extension_read_later_post_ajax · inc\frontend\read-later.php:23
nopriv · wp_ajax_booster_extension_read_later_post_ajax · inc\frontend\read-later.php:24

Shortcodes 8

[booster-extension-like-dislike] booster-extension.php:54
[booster-extension-ss] booster-extension.php:56
[booster-extension-ab] booster-extension.php:58
[booster-extension-read-time] booster-extension.php:60
[booster-extension-reaction] booster-extension.php:62
[booster-extension-visit-count] booster-extension.php:74
[be-pp] inc\frontend\read-later.php:63
[be-booster-favourites] inc\frontend\read-later.php:165
WordPress Hooks 33
action · in_admin_header · booster-extension.php:33
action · init · booster-extension.php:43
action · init · booster-extension.php:44
action · admin_enqueue_scripts · booster-extension.php:46
action · wp_enqueue_scripts · booster-extension.php:47
action · admin_menu · booster-extension.php:48
action · admin_post_booster_extension_settings_options · booster-extension.php:49
filter · user_contactmethods · booster-extension.php:50
filter · body_class · booster-extension.php:51
filter · the_content · booster-extension.php:52
action · booster_extension_like_dislike · booster-extension.php:53
action · booster_extension_social_icons · booster-extension.php:55
action · booster_extension_author_box · booster-extension.php:57
action · booster_extension_read_time · booster-extension.php:59
action · booster_extension_reaction · booster-extension.php:61
action · booster_extension_post_view_action · booster-extension.php:82
filter · comments_template · booster-extension.php:112
action · comment_form_logged_in_after · inc\backend\comment.php:5
action · comment_form_before_fields · inc\backend\comment.php:6
action · comment_post · inc\backend\comment.php:25
action · add_meta_boxes_comment · inc\backend\comment.php:139
action · edit_comment · inc\backend\comment.php:170
action · add_meta_boxes · inc\backend\like-count-metabox.php:10
action · manage_post_posts_custom_column · inc\backend\like-count-metabox.php:85
filter · manage_post_posts_columns · inc\backend\like-count-metabox.php:97
action · widgets_init · inc\backend\twp-be-author-widget.php:20
filter · manage_posts_columns · inc\backend\twp-be-views-count.php:187
action · manage_posts_custom_column · inc\backend\twp-be-views-count.php:188
action · show_user_profile · inc\backend\user-field.php:10
action · edit_user_profile · inc\backend\user-field.php:11
action · personal_options_update · inc\backend\user-field.php:120
action · edit_user_profile_update · inc\backend\user-field.php:121
filter · after_setup_theme · inc\frontend\read-later.php:163
Maintenance & Trust

Booster Extension Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.5.8
Last updated: Apr 26, 2024
PHP min version: 5.5
Downloads: 182K

Community Trust

Rating: 88/100
Number of ratings: 7
Active installs: 8K
Developer Profile

Booster Extension Developer Profile

themeinwp

5 plugins · 12K total installs

Trust score: 78
Avg Security Score: 86/100
Avg Patch Time: 33 days
Detection Fingerprints

How We Detect Booster Extension

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/booster-extension/assets/css/admin.css
/wp-content/plugins/booster-extension/assets/css/social-icons.min.css
/wp-content/plugins/booster-extension/assets/css/style.css
/wp-content/plugins/booster-extension/assets/js/admin.js
/wp-content/plugins/booster-extension/assets/js/frontend.js
Script Paths
/wp-content/plugins/booster-extension/assets/js/admin.js
/wp-content/plugins/booster-extension/assets/js/frontend.js
Version Parameters
booster-extension/assets/css/admin.css?ver=
booster-extension/assets/css/social-icons.min.css?ver=
booster-extension/assets/css/style.css?ver=
booster-extension/assets/js/admin.js?ver=
booster-extension/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
booster-extension
Data Attributes
data-nonce
JS Globals
booster_extension_admin
booster_extension_frontend_script
Shortcode Output
[booster-extension-like-dislike]
[booster-extension-ss]
[booster-extension-ab]
[booster-extension-read-time]
FAQ

Frequently Asked Questions about Booster Extension