CVE-2024-54262

CVSS 3.1 Score 9.9 of 10 (high)

Details

Published Dec 13, 2024
CWE ID 434

Summary

CVE-2024-54262 represents a serious vulnerability in Import Export For WooCommerce, specifically version 1.5 and earlier. The issue involves an Unrestricted File Upload vulnerability, enabling attackers to upload a web shell to the web server. This can potentially grant unauthorized access and control, posing a significant security risk. The vulnerable software fails to restrict file types during upload, leading to the uploading of dangerous files, which can result in a web shell being executed on the server.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share