RSS   Vulnerabilities for 'Woocommerce'   RSS

2017-11-29
 
CVE-2017-17058

CWE-22
 

 
** DISPUTED ** The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. NOTE: a software maintainer indicates that Directory Traversal is not possible because all of the template files have "if (!defined('ABSPATH')) {exit;}" code.

 

 >>> Vendor: Automattic 9 Products
Akismet
Jetpack
Woocommerce
Genericons
Canvas
Camptix event ticketing
W3 super cache
Wp super cache
Vaultpress


Copyright 2024, cxsecurity.com

 

Back to Top