WordPress Plugin Vulnerabilities
WooCommerce < 5.7.0 & WooCommerce Admin < 2.6.4 - Analytics Report Leaks
Description
The plugin was vulnerable to Analytics Report Leaks on some hosting configurations.
As well as updating WooCommerce to at least version 5.7.0, and WooCommerce Admin to at least version 2.6.4, it is also recommended that directory listing is disabled on your host.
Automattic updates were rolled out to force the vulnerable plugins to be updated and patched.
Affects Plugins
References
Classification
Type
ACCESS CONTROLS
OWASP top 10
CWE
CVSS
Miscellaneous
Verified
No
WPVDB ID
Timeline
Publicly Published
2021-09-22 (about 2 years ago)
Added
2021-09-22 (about 2 years ago)
Last Updated
2022-04-10 (about 2 years ago)