9 matches found
CVE-2022-45359
Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin = 3.19.0 on WordPress...
WordPress YITH WooCommerce Gift Cards Premium Plugin < 3.20.0 Arbitrary File Upload Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:yithemes:yithwoocommercegiftcards"; ifdescription...
WordPress plugin has been exploited in the wild to mount backdoors
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Malicious actors are actively exploiting a critical vulnerability in the YITH WooCommerce Gift Cards Premium WordPress plugin in order to plant backdoors on e-Commerce sites. The security flaw...
WordPress Yith WooCommerce Gift Cards Premium 3.19.0 Shell Upload Vulnerability
Description: Unauthenticated Arbitrary File Upload Affected Plugin: Yith WooCommerce Gift Cards Premium Plugin Slug: yith-woocommerce-gift-cards-premium Affected Versions: = 3.19.0 CVE ID: CVE-2022-45359 CVSS Score: 9.8 Critical CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N...
WordPress Yith WooCommerce Gift Cards Premium 3.19.0 Shell Upload
Description: Unauthenticated Arbitrary File Upload Affected Plugin: Yith WooCommerce Gift Cards Premium Plugin Slug: yith-woocommerce-gift-cards-premium Affected Versions: = 3.19.0 CVE ID: CVE-2022-45359 CVSS Score: 9.8 Critical CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N...
CVE-2022-45359
creationtimestamp| type| source ---|---|--- 2022-12-07 00:41:00+00:00| seen| https://t.me/cibsecurity/54101 2022-12-26 17:22:22+00:00| exploited| https://t.me/truesecator/3878 2022-12-27 09:24:08+00:00| exploited| https://t.me/SecLabNews/13177 2023-02-01 02:23:19+00:00| published-proof-of-concept...
CVE-2022-45359
Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin = 3.19.0 on WordPress...
CVE-2022-45359
CVE-2022-45359 affects the WordPress YITH WooCommerce Gift Cards Premium plugin up to version 3.19.0. The vulnerability is an unauthenticated Arbitrary File Upload via the import_actions_from_settings_panel function that runs on admin_init, allowing attackers to upload files (e.g., web shells) wi...
CVE-2022-45359
Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin = 3.19.0 on WordPress. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...