WordPress Plugin Vulnerabilities

Mercado Pago payments for WooCommerce 7.3.0 - 7.6.1 - Authenticated (Subscriber+) Arbitrary File Download

Description

The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to Path Traversal in versions 7.3.0 to 7.5.1 via the mercadopagoDownloadLog function. This makes it possible for authenticated attackers, with subscriber-level access and above, to download and read the contents of arbitrary files on the server, which can contain sensitive information. The arbitrary file download was patched in 7.5.1, while the missing authorization was corrected in version 7.6.2.

Affects Plugins

Plugin icon
woocommerce-mercadopago
Fixed in 7.6.2

References

CVE
CVE-2024-3934
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/1674e81e-6a75-436c-b219-8ec0a484a134

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
Krzysztof Zając
Verified
No
WPVDB ID
e12e9d40-230e-4e1d-98a0-b8532a747075

Timeline

Publicly Published
2024-07-19 (about 1 year ago)
Added
2024-07-19 (about 1 year ago)
Last Updated
2024-07-20 (about 1 year ago)

Other

Published
Title
Published
2015-06-10
Title
RobotCPA Plugin V5 - Unauthenticated Local File Inclusion
Published
2025-12-12
Title
PDF Generator Addon for Elementor Page Builder < 2.0.1 - Unauthenticated Path Traversal
Published
2025-04-03
Title
Docxpresso <= 2.6 - Authenticated (Contributor+) Arbitrary File Download
Published
2025-02-22
Title
Search with Typesense < 2.0.9 - Authenticated (Admin+) Path Traversal
Published
2022-08-03
Title
WPide < 3.0 - Admin+ Local File Inclusion