The WooCommerce Checkout Field Manager WordPress plugin...
Critical severity
Unreviewed
Published
Mar 6, 2023
to the GitHub Advisory Database
•
Updated Mar 19, 2023
Description
Published by the National Vulnerability Database
Mar 6, 2023
Published to the GitHub Advisory Database
Mar 6, 2023
Last updated
Mar 19, 2023
The WooCommerce Checkout Field Manager WordPress plugin before 18.0 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server
References