The vulnerabilities of the implementations of functions based on the AJAX technology, such as motor_load_more(), motor_gallery_load_more(), motor_quick_view(), and motor_project_quick_view(), in the “Motor – Cars, Parts, Service, Equipments and Accessories” theme. This theme is part of the WooCommerce store and uses the WordPress content management system. These vulnerabilities allow an attacker to execute arbitrary PHP code or gain unauthorized access to protected information.
The vulnerability of implementations based on the AJAX technology—motorloadmore, motorgalleryloadmore, motorquickview, and motorprojectquickview—in the “Motor: Cars, Parts, Service, Equipment, and Accessories” theme. This vulnerability is related to shortcomings in path name restrictions for the...