2 matches found
CVE-2018-8710
CVE-2018-8710 affects the WordPress plugin WooCommerce Products Filter (WOOF) prior to version 2.2.0. The vulnerability arises from a page redraw AJAX function in an unauthenticated endpoint used by the shortcode parameter in a woof_redraw_woof action, which causes WordPress shortcode markup in t...
CVE-2018-8710
A remote code execution issue was discovered in the WooCommerce Products Filter aka WOOF plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woofredrawwoof action. The plugin implemented a page redraw AJAX function accessible to anyone without any authentication...