Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2018-8711
HistoryMar 14, 2018 - 7:29 p.m.

Input validation

2018-03-1419:29:00
PRIOn knowledge base
www.prio-n.com
1

9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.3%

JSON

A local file inclusion issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woof_redraw_woof action. The vulnerability is due to the lack of args/input validation on render_html before allowing it to be called by extract(), a PHP built-in function. Because of this, the supplied args/input can be used to overwrite the $pagepath variable, which then could lead to a local file inclusion attack.

CPENameOperatorVersion
woocommerce_products_filterlt2.2.0

Related

cve 1
nvd 1
cvelist 1
openvas 1
wpvulndb 1
cve
cve
CVE-2018-8711
2022-10-03 16:21:54
nvd
nvd
CVE-2018-8711
2018-03-14 19:29:00
cvelist
cvelist
CVE-2018-8711
2022-10-03 16:21:54
openvas
openvas
WordPress WOOF - Products Filter for WooCommerce Plugin < 1.2.2.0 Multiple Vulnerabilities
2018-11-13 00:00:00
wpvulndb
wpvulndb
WooCommerce Products Filter <= 1.1.9 - Multiple Issues
2018-03-14 00:00:00

9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.3%

JSON
Related for PRION:CVE-2018-8711
cve1nvd1cvelist1openvas1wpvulndb1