CVE-2018-21007

The woo-confirmation-email plugin before 3.2.0 for WordPress has no blocking of direct access to supportive xl folders inside uploads...

WordPress plugin woo-confirmation-email cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress woo-confirmation-email plugin has unspecified vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. woo-confirmation-email is a plugin used in it to send email verification code. A security vulnerability exists in the WordPress...

CVE-2018-21007

The woo-confirmation-email plugin before 3.2.0 for WordPress has no blocking of direct access to supportive xl folders inside uploads...

CVE-2018-21007

The CVE-2018-21007 entry affects the WordPress plugin woo-confirmation-email before version 3.2.0 . The vulnerability is an authorization flaw: the plugin does not block direct access to supportive files/folders inside the WordPress uploads directory, exposing potentially sensitive uploaded conte...