Path Traversal Vulnerability Affects Premmerce Permalink Manager for WooCommerce
CVE-2024-27971
8.3HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 17 May 2024
What is CVE-2024-27971?
A vulnerability has been identified in the Premmerce Permalink Manager for WooCommerce that allows for path traversal, enabling an attacker to exploit improper limitations on pathname restrictions. This vulnerability can lead to PHP Local File Inclusion, potentially allowing unauthorized access to sensitive files on the server. Versions from an unspecified state up to 2.3.10 are impacted, highlighting the need for immediate attention to safeguard against this security issue.
Affected Version(s)
Premmerce Permalink Manager for WooCommerce 0 <= 2.3.10