2 matches found
CVE-2026-25397
Path Traversal: '.../...//' vulnerability in Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce allows Path Traversal.This issue affects File Uploader for WooCommerce: from n/a through = 1.0.4...
CVE-2026-25397
The CVE-2026-25397 entry concerns the WordPress File Uploader for WooCommerce plugin (versions up to 1.0.4) and describes a Path Traversal vulnerability. The root cause is insufficient sanitization of user-supplied input, specifically allowing sequences like '.../...//' to escape the webroot. Aff...