Описание
PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before 1.8 allows remote attackers to execute arbitrary PHP code via a URL in the dompdf parameter.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 1.7 (включая)
Одно из
cpe:2.3:a:wpshopstyling:wp-ecommerce-shop-styling:*:*:*:*:*:wordpress:*:*
cpe:2.3:a:wpshopstyling:wp-ecommerce-shop-styling:1.0:*:*:*:*:wordpress:*:*
cpe:2.3:a:wpshopstyling:wp-ecommerce-shop-styling:1.2:*:*:*:*:wordpress:*:*
cpe:2.3:a:wpshopstyling:wp-ecommerce-shop-styling:1.3:*:*:*:*:wordpress:*:*
cpe:2.3:a:wpshopstyling:wp-ecommerce-shop-styling:1.4:*:*:*:*:wordpress:*:*
cpe:2.3:a:wpshopstyling:wp-ecommerce-shop-styling:1.5:*:*:*:*:wordpress:*:*
cpe:2.3:a:wpshopstyling:wp-ecommerce-shop-styling:1.6:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 73%
0.00753
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
больше 3 лет назад
PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before 1.8 allows remote attackers to execute arbitrary PHP code via a URL in the dompdf parameter.
EPSS
Процентиль: 73%
0.00753
Низкий
7.5 High
CVSS2
Дефекты
CWE-94