CVE-2024-54262
CVSS 3.1 Score 9.9 of 10 (high)
Details
Published Dec 13, 2024
CWE ID 434
Summary
CVE-2024-54262 represents a serious vulnerability in Import Export For WooCommerce, specifically version 1.5 and earlier. The issue involves an Unrestricted File Upload vulnerability, enabling attackers to upload a web shell to the web server. This can potentially grant unauthorized access and control, posing a significant security risk. The vulnerable software fails to restrict file types during upload, leading to the uploading of dangerous files, which can result in a web shell being executed on the server.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share