WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

WooCommerce Checkout Manager <= 4.2.6 - Arbitrary File Upload

Description

The Checkout Manager for WooCommerce WordPress plugin was affected by an Arbitrary File Upload security vulnerability.

Affects Plugins

woocommerce-checkout-manager
Fixed in version 4.3

References

CVE
CVE-2019-11807
URL
https://thehackernews.com/2019/04/wordpress-woocommerce-security.html
URL
https://plugins.trac.wordpress.org/changeset/2075661/woocommerce-checkout-manager
URL
https://www.wordfence.com/blog/2019/05/unauthenticated-media-deletion-vulnerability-patched-in-woocommerce-checkout-manager-plugin/

Classification

Type

UPLOAD

CWE
CWE-434

Miscellaneous

Submitter

Ryan Dewhurst

Submitter website
https://wpscan.io
Submitter twitter
ethicalhack3r
Verified

No

WPVDB ID
36aed820-df7f-4b0f-9610-af397009d429

Timeline

Publicly Published

2019-04-25 (about 3 years ago)

Added

2019-04-26 (about 3 years ago)

Last Updated

2020-09-22 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin