PT-2025-38079
Name of the Vulnerable Software and Affected Versions Admin and Customer Messages After Order for WooCommerce: OrderConvo WordPress plugin versions prior to 14 Description The plugin fails to validate the path of files intended for download. This allows an unauthenticated attacker to perform a pa...