CVE Published: 17/05/2024 |
CVE Updated: 02/08/2024 |
CVE Year: 2024 Source: Patchstack |
Vendor: PluginUS |
Product: HUSKY – Products Filter for WooCommerce (formerly WOOF) Status : PUBLISHED
CVE-2024-32680 Description
Improper Limitation of a Pathname to a Restricted Directory (\'Path Traversal\'), Improper Control of Generation of Code (\'Code Injection\') vulnerability in PluginUS HUSKY – Products Filter for WooCommerce (formerly WOOF) allows Using Malicious Files, Code Inclusion.This issue affects HUSKY – Products Filter for WooCommerce (formerly WOOF): from n/a through 1.3.5.2.
Metrics
CVSS Version: 3.1 |
Base Score: 8.8 HIGH Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H