CVE-2024-3962

EPSS 10.5%
Veröffentlicht 26.04.2024 09:15:12
Zuletzt bearbeitet 07.02.2025 02:07:02
Quelle security@wordfence.com
CVE-Watchlists
Login
Unerledigt
Login

Product Addons & Fields for WooCommerce <= 32.0.18 - Unauthenticated Arbitrary File Upload via ppom_upload_file

The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ppom_upload_file function in all versions up to, and including, 32.0.18. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Successful exploitation requires the PPOM Pro plugin to be installed along with a WooCommerce product that contains a file upload field to retrieve the correct nonce.

Mögliche Gegenmaßnahme

PPOM – Product Addons & Custom Fields for WooCommerce: Update to version 32.0.19, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt PPOM – Product Addons & Custom Fields for WooCommerce

Version *-32.0.18

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Themeisle ≫ Product Addons & Fields For Woocommerce SwPlatformwordpress Version < 32.0.19

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	10.5%	0.929

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security@wordfence.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://plugins.trac.wordpress.org/changeset/3075669/woocommerce-product-addon

Patch

https://themeisle.com/plugins/ppom-pro/

Product

https://www.wordfence.com/threat-intel/vulnerabilities/id/4f95bcc3-354e-4016-9a17-945569b076b6?source=cve

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/4f95bcc3-354e-4016-9a17-945569b076b6

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-3962

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-3962

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-3962

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-3962