Lucene search

WpvulndbWPVDB-ID:3FF36D7F-9763-43C4-9E18-F14146BDC921

HistoryMar 19, 2024 - 12:00 a.m.

Management App for WooCommerce < 1.2.3 - Subscriber+ Arbitrary File Upload

2024-03-1900:00:00

wpscan.com

woocommerce

plugin

arbitrary file uploads

file type validation

remote code execution

security vulnerability

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

Percentile

15.5%

JSON

Description The plugin is vulnerable to arbitrary file uploads due to missing file type validation in the nouvello_upload_csv_file function. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site’s server which may make remote code execution possible.

References

www.wordfence.com/threat-intel/vulnerabilities/id/a4219c10-9d2a-429d-9ac7-61efc02bd4cf

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

Percentile

15.5%

JSON

Related for WPVDB-ID:3FF36D7F-9763-43C4-9E18-F14146BDC921