Emagicone

Emagicone Store Manager For Woocommerce

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-4336

Exploit
  • EPSS 0.94%
  • Veröffentlicht 24.05.2025 03:37:32
  • Zuletzt bearbeitet 11.07.2025 19:32:44

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_file() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenti...

9.1

CVE-2025-4603

Exploit
  • EPSS 1.53%
  • Veröffentlicht 24.05.2025 03:37:32
  • Zuletzt bearbeitet 11.07.2025 19:18:54

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_file() function in all versions up to, and including, 1.2.5. This makes it possible for u...

9.8

CVE-2025-5058

Exploit
  • EPSS 1.57%
  • Veröffentlicht 24.05.2025 03:37:32
  • Zuletzt bearbeitet 11.07.2025 19:14:50

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_image() function in all versions up to, and including, 1.2.5. This makes it possible for unauthent...

7.5

CVE-2025-4602

Exploit
  • EPSS 0.21%
  • Veröffentlicht 24.05.2025 03:37:31
  • Zuletzt bearbeitet 11.07.2025 19:27:30

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the get_file() function. This makes it possible for unauthenticated attackers to read the contents ...