CVE: CVE-2017-17058

Descrizione: The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. NOTE: a software maintainer indicates that Directory Traversal is not possible because all of the template files have “if (!defined(‘ABSPATH’)) {exit;}” code

Vettore di attacco

Riferimenti esterni

• https://www.exploit-db.com/ghdb/4613/
• https://github.com/woocommerce/woocommerce/issues/17964
• https://www.exploit-db.com/exploits/43196/

Prodotti interessati

• n/a – n/a

Relazioni con altri prodotti

Nessun prodotto trovato per il CVE: cve-2017-17058