WordPress Plugin Vulnerabilities

Checkout Field Editor for WooCommerce (Pro) < 3.6.3 - Unauthenticated Arbitrary File Deletion

Description

The Checkout Field Editor for WooCommerce (Pro) plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 3.6.2. This is due to the plugin not properly validating a file or it's path prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files which can be leveraged to achieve remote code execution.

Affects Plugins

Plugin icon
woocommerce-checkout-field-editor-pro
Fixed in 3.6.3

References

CVE
CVE-2024-35658
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/b46cd71f-046a-45b8-be8d-4a71e97586b4

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
9.8 (critical)

Miscellaneous

Original Researcher
Dave Jong
Verified
No
WPVDB ID
725213e5-39f2-446c-b8d5-047e10d8ec7a

Timeline

Publicly Published
2024-06-03 (about 2 years ago)
Added
2024-06-11 (about 2 years ago)
Last Updated
2024-06-11 (about 2 years ago)

Other

Published
Title
Published
2026-03-20
Title
Scape - Multipurpose WordPress theme < 1.5.16 - Unauthenticated Arbitrary File Deletion
Published
2015-07-02
Title
MDC YouTube Downloader <= 2.1.0 - Local File Inclusion
Published
2025-08-26
Title
Premium Age Verification / Restriction for WordPress <= 3.0.2 - Unauthenticated Arbitrary File Download
Published
2024-02-07
Title
Elementor < 3.19.1 - Authenticated(Contributor+) Arbitrary File Deletion and PHAR Deserialization
Published
2015-10-12
Title
Font <= 7.5 - Authenticated Path Traversal