5 matches found
CVE-2024-13359
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the addproductinputfieldstoorderitemmeta function in all versions up to, and including, 1.12.0. This may make it possible for unauthenticated attackers...
CVE-2024-13359
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the addproductinputfieldstoorderitemmeta function in all versions up to, and including, 1.12.0. This may make it possible for unauthenticated attackers...
CVE-2024-13359
CVE-2024-13359 affects Product Input Fields for WooCommerce (WordPress). All versions up to and including 1.12.0 are vulnerable to unauthenticated arbitrary file uploads due to insufficient file-type validation in add_product_input_fields_to_order_item_meta(). By default only double-extension upl...
CVE-2024-13359 Product Input Fields for WooCommerce <= 1.12.0 - Unauthenticated Limited File Upload
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the addproductinputfieldstoorderitemmeta function in all versions up to, and including, 1.12.0. This may make it possible for unauthenticated attackers...
CVE-2024-13359 Product Input Fields for WooCommerce <= 1.12.0 - Unauthenticated Limited File Upload
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the addproductinputfieldstoorderitemmeta function in all versions up to, and including, 1.12.0. This may make it possible for unauthenticated attackers...