exploitDog

CVE-2021-24566

Опубликовано: 16 янв. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

The WooCommerce Currency Switcher FOX WordPress plugin before 1.3.7 was vulnerable to LFI attacks via the "woocs" shortcode.

Ссылки

https://jetpack.com/2021/07/22/severe-vulnerability-patched-in-woocommerce-currency-switcher/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/a0bc4b13-53fe-462d-8306-8915196d3a5a/
Third Party Advisory
https://jetpack.com/2021/07/22/severe-vulnerability-patched-in-woocommerce-currency-switcher/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/a0bc4b13-53fe-462d-8306-8915196d3a5a/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pluginus:fox_-_currency_switcher_professional_for_woocommerce:*:*:*:*:*:wordpress:*:*

Версия до 1.3.7 (исключая)

EPSS

Процентиль: 82%

0.01802

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-Other

CWE-22

Связанные уязвимости

GHSA-j977-qqwc-8rmm

CVSS3: 8.8

github

около 2 лет назад

The WooCommerce Currency Switcher FOX WordPress plugin before 1.3.7 was vulnerable to LFI attacks via the "woocs" shortcode.

EPSS

Процентиль: 82%

0.01802

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-Other

CWE-22