Path Traversal Vulnerability Affects Woocommerce Product Design

CVE-2024-50509

8.6HIGH

Key Information

Vendor: Chetan Khandla
Status: WooCommerce Product Design
Vendor: CVE Published:; 30 October 2024

Badges

👾 Exploit Exists🔴 Public PoC

Summary

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through 1.0.0.

Affected Version(s)

Woocommerce Product Design <= 1.0.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-50509
Created by RandomRobbieBF

Refferences

https://patchstack.com/database/vulnerability/woo-product...

vdb-entry

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

🔴
Public PoC available
Dec 17, 2024
👾
Exploit known to exist
Dec 17, 2024
Vulnerability published
Oct 30, 2024
Vulnerability Reserved
Oct 24, 2024

Collectors

NVD DatabaseMitre Database1 Proof of Concept(s)

Credit

ghsinfosec (Patchstack Alliance)