CVE-2024-50525
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-50525 is a newly identified vulnerability affecting Plug your WooCommerce into the largest catalog of customized print products from Helloprint. The issue involves an Unrestricted File Upload vulnerability that enables attackers to upload a Web Shell to a web server, potentially gaining unauthorized access and control over the system. This vulnerability affects versions of the plugin from n/a through 2.0.2. Successful exploitation could lead to significant security risks, making it crucial for users to update their plugin as soon as a patch is released.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.