Unrestricted Upload of File with Dangerous Type vulnerability

CVE-2024-50510

10CRITICAL

Key Information

Vendor: Web And Print Design
Status: Ar For WooCommerce
Vendor: CVE Published:; 30 October 2024

Summary

Unrestricted Upload of File with Dangerous Type vulnerability in Web and Print Design AR For Woocommerce allows Upload a Web Shell to a Web Server.This issue affects AR For Woocommerce: from n/a through 6.2.

Affected Version(s)

AR For Woocommerce <= 6.2

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published.
Oct 30, 2024
Vulnerability Reserved.
Oct 24, 2024

Collectors

NVD DatabaseMitre Database

Credit

João Pedro Soares de Alcântara - Kinorth (Patchstack Alliance)