First published: Mon Apr 05 2021(Updated: )
Credit: contact@wpscan.com
Affected Software | Affected Version | How to fix |
---|---|---|
WooCommerce Upload Files WordPress | <59.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this WooCommerce Upload Files WordPress plugin vulnerability is CVE-2021-24171.
The severity of CVE-2021-24171 is critical.
The affected software for CVE-2021-24171 is WooCommerce Upload Files WordPress plugin before version 59.4.
The vulnerability can be exploited by bypassing the sanitization process and uploading a file with a PHP extension.
Yes, you can find references for CVE-2021-24171 at the following URLs: [URL 1](https://wpscan.com/vulnerability/ed4288a1-f7e4-455f-b765-5ac343f87194), [URL 2](https://www.wordfence.com/blog/2021/03/critical-vulnerability-patched-in-woocommerce-upload-files/).