CVE-2022-4328
WooCommerce Checkout Field Manager < 18.0 - Unauthenticated Arbitrary File Upload
The WooCommerce Checkout Field Manager WordPress plugin before 18.0 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Unknown · WooCommerce Checkout Field Managerpublic PoCs found — 1
cve_referencewpscan.com/vulnerability/4dc72cd2-81d7-4a66-86bd-c9cfaf690eedunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →