User

Welcome to WordPress Community Forum. Please login or sign up.

Nov 25, 2024, 12:38 PM

Login with username, password and session length

Shoutbox

Recent

Stats

Members
Stats
  • Total Posts: 55
  • Total Topics: 45
  • Online today: 5
  • Online ever: 136 (Apr 17, 2022, 11:37 PM)
Users Online
  • Users: 0
  • Guests: 21
  • Total: 21

Online

21 Guests, 0 Users

WordPress Product Configurator for WooCommerce plugin Vulnerability

Started by Kailash, Jun 07, 2022, 07:48 AM

Previous topic - Next topic

WordPress Premium Themes


Print
Go Down Pages1
User actions

Kailash

Jun 07, 2022, 07:48 AM
WordPress Product Configurator for WooCommerce plugin Vulnerability

Plugin name: Product Configurator for WooCommerce
Vulnerable versions: <= 1.2.31
Fixed in: 1.2.32
CVE ID: CVE-2022-1953
Classification: Other Vulnerability Type
Publicly disclosed: 2022-06-06

Vulnerability Details

Unauthenticated Arbitrary File Deletion vulnerability discovered by cydave in WordPress Product Configurator for WooCommerce plugin (versions <= 1.2.31).

Solution

Update the WordPress Product Configurator for WooCommerce plugin to the latest available version (at least 1.2.32).

Plugin Link: https://wordpress.org/plugins/product-configurator-for-woocommerce/

WordPress Premium Themes


Print
Go Up Pages1
User actions