Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2018-8710
HistoryMar 14, 2018 - 7:29 p.m.

Remote code execution

2018-03-1419:29:00
PRIOn knowledge base
www.prio-n.com
5

9.7 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.2%

JSON

A remote code execution issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woof_redraw_woof action. The plugin implemented a page redraw AJAX function accessible to anyone without any authentication. WordPress shortcode markup in the “shortcode” parameters would be evaluated. Normally unauthenticated users can’t evaluate shortcodes as they are often sensitive.

CPENameOperatorVersion
woocommerce_products_filterlt2.2.0

Related

cve 1
nvd 1
cvelist 1
openvas 1
wpvulndb 1
cve
cve
CVE-2018-8710
2022-10-03 16:21:53
nvd
nvd
CVE-2018-8710
2018-03-14 19:29:00
cvelist
cvelist
CVE-2018-8710
2022-10-03 16:21:53
openvas
openvas
WordPress WOOF - Products Filter for WooCommerce Plugin < 1.2.2.0 Multiple Vulnerabilities
2018-11-13 00:00:00
wpvulndb
wpvulndb
WooCommerce Products Filter <= 1.1.9 - Multiple Issues
2018-03-14 00:00:00

9.7 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.2%

JSON
Related for PRION:CVE-2018-8710
cve1nvd1cvelist1openvas1wpvulndb1