CVE-2021-24212
N/A
N/A
Summary
The WooCommerce Help Scout WordPress plugin before 2.9.1 (https://woocommerce.com/products/woocommerce-help-scout/) allows unauthenticated users to upload any files to the site which by default will end up in wp-content/uploads/hstmp.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | WooCommerce Help Scout | 2.9.1 < 2.9.1 | affected |
Weaknesses
- CWE-434: CWE-434 Unrestricted Upload of File with Dangerous Type
ADP Enrichment
CVE Program Container
Additional References
- https://wpscan.com/vulnerability/cf9305e8-f5bc-45c3-82db-0ef00fd46129
- http://dzv365zjfbd8v.cloudfront.net/changelogs/woocommerce-help-scout/changelog.txt
References
- https://wpscan.com/vulnerability/cf9305e8-f5bc-45c3-82db-0ef00fd46129
- http://dzv365zjfbd8v.cloudfront.net/changelogs/woocommerce-help-scout/changelog.txt
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.