The WooCommerce Stock Manager WordPress plugin is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Upload in versions up to, and including, 2.5.7 due to missing nonce and file validation in the /woocommerce-stock-manager/trunk/admin/views/import-export.php file.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2021-07-21T11:09:37.170930Z
Updated: 2024-09-16T22:35:25.662Z
Reserved: 2021-06-10T00:00:00
Link: CVE-2021-34619
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-07-21T15:16:20.503
Modified: 2023-07-18T12:34:01.287
Link: CVE-2021-34619
Redhat
No data.