Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2018-8711
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2018-8711

2022-10-0316:21:54
mitre
www.cve.org
vulnerability
local file inclusion
woocommerce products filter

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.3%

JSON

A local file inclusion issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woof_redraw_woof action. The vulnerability is due to the lack of args/input validation on render_html before allowing it to be called by extract(), a PHP built-in function. Because of this, the supplied args/input can be used to overwrite the $pagepath variable, which then could lead to a local file inclusion attack.

Related

cve 1
nvd 1
prion 1
openvas 1
wpvulndb 1
cve
cve
CVE-2018-8711
2022-10-03 16:21:54
nvd
nvd
CVE-2018-8711
2018-03-14 19:29:00
prion
prion
Input validation
2018-03-14 19:29:00
openvas
openvas
WordPress WOOF - Products Filter for WooCommerce Plugin < 1.2.2.0 Multiple Vulnerabilities
2018-11-13 00:00:00
wpvulndb
wpvulndb
WooCommerce Products Filter <= 1.1.9 - Multiple Issues
2018-03-14 00:00:00

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.3%

JSON
Related for CVELIST:CVE-2018-8711
cve1nvd1prion1openvas1wpvulndb1