CVE-2024-32680

{"id": "CVE-2024-32680", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-05-17T09:15:38.820", "references": [{"url": "https://patchstack.com/database/vulnerability/woocommerce-products-filter/wordpress-husky-plugin-1-3-5-2-remote-code-execution-rce-vulnerability?_s_id=cve", "source": "audit@patchstack.com"}, {"url": "https://patchstack.com/database/vulnerability/woocommerce-products-filter/wordpress-husky-plugin-1-3-5-2-remote-code-execution-rce-vulnerability?_s_id=cve", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Control of Generation of Code ('Code Injection') vulnerability in PluginUS HUSKY \u2013 Products Filter for WooCommerce (formerly WOOF) allows Using Malicious Files, Code Inclusion.This issue affects HUSKY \u2013 Products Filter for WooCommerce (formerly WOOF): from n/a through 1.3.5.2."}, {"lang": "es", "value": "Vulnerabilidad de limitaci\u00f3n incorrecta de un nombre de ruta a un directorio restringido (\"Path Traversal\"), control incorrecto de la generaci\u00f3n de c\u00f3digo (\"Inyecci\u00f3n de c\u00f3digo\") en PluginUS HUSKY \u2013 Products Filter para WooCommerce (anteriormente WOOF) permite el uso de archivos maliciosos y la inclusi\u00f3n de c\u00f3digo. El problema afecta a HUSKY \u2013 HUSKY \u2013 Products Filter para WooCommerce (anteriormente WOOF): desde n/a hasta 1.3.5.2."}], "lastModified": "2024-11-21T09:15:27.820", "sourceIdentifier": "audit@patchstack.com"}