Product Input Fields For Woocommerce

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2024-13359 HIGH PATCH This Week

The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the add_product_input_fields_to_order_item_meta(). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

WordPress PHP RCE File Upload Product Input Fields For Woocommerce

NVD

CVSS 3.1

8.1

EPSS

2.7%

CVE-2024-13359

EPSS 3% CVSS 8.1

HIGH PATCH This Week

The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the add_product_input_fields_to_order_item_meta(). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

WordPress PHP RCE +2

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy