The WooCommerce Currency Switcher FOX WordPress plugin before 1.3.7 was vulnerable to LFI attacks via the "woocs" shortcode.
References
Link | Resource |
---|---|
https://jetpack.com/2021/07/22/severe-vulnerability-patched-in-woocommerce-currency-switcher/ | Exploit Third Party Advisory |
https://wpscan.com/vulnerability/a0bc4b13-53fe-462d-8306-8915196d3a5a/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
23 Oct 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-22 |
23 Jan 2024, 20:37
Type | Values Removed | Values Added |
---|---|---|
First Time |
Pluginus fox - Currency Switcher Professional For Woocommerce
Pluginus |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CPE | cpe:2.3:a:pluginus:fox_-_currency_switcher_professional_for_woocommerce:*:*:*:*:*:wordpress:*:* | |
References | () https://wpscan.com/vulnerability/a0bc4b13-53fe-462d-8306-8915196d3a5a/ - Third Party Advisory | |
References | () https://jetpack.com/2021/07/22/severe-vulnerability-patched-in-woocommerce-currency-switcher/ - Exploit, Third Party Advisory | |
CWE | NVD-CWE-Other |
16 Jan 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-16 16:15
Updated : 2024-10-23 15:35
NVD link : CVE-2021-24566
Mitre link : CVE-2021-24566
CVE.ORG link : CVE-2021-24566
JSON object : View
Products Affected
pluginus
- fox_-_currency_switcher_professional_for_woocommerce
CWE