The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted input during order export when the "Try to convert serialized values" option is enabled. This makes it possible for unauthenticated attackers to inject a PHP object. The additional presence of a POP chain allows attackers to delete arbitrary files on the server, which can lead to remote code execution when the right file is deleted: removing wp-config.php, for example, drops the site back into the WordPress installer, so an attacker can complete the setup against a database they control and then run code through the resulting administrator account.
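The vulnerable-versus-hardened pair below is an example added to this entry; it is not code from the Advanced Order Export plugin, from Wordfence, or from WordPress core. The function names, the stand-in `looks_serialized()` check, the option behaviour it models and the sample meta values are assumptions made for the illustration; the only facts it relies on are PHP's `unserialize()` semantics and its `allowed_classes` option (PHP 7.0 and later). It shows why "try to convert serialized values" turns into CWE-502 when the value is attacker-reachable, and the one-line change that removes the object-instantiation primitive a POP chain needs.

```php
<?php
declare(strict_types=1);

// Constructed sample meta value (invented for this illustration): a serialized
// PHP object of the kind an attacker could get stored in order meta. The class
// name here is harmless; in a real attack it names a gadget class that exists
// in the application, and its properties are chosen to drive the POP chain.
const ATTACKER_META_VALUE = 'O:8:"stdClass":1:{s:4:"file";s:14:"/wp-config.php";}';

// Constructed benign value: what the conversion option is actually meant for.
const BENIGN_META_VALUE = 'a:2:{s:3:"qty";i:2;s:4:"note";s:4:"gift";}';

// Stand-in for WordPress's is_serialized() (assumption, not the core function):
// serialized scalars, arrays and objects start with a type letter and a colon,
// or "N;" for null.
function looks_serialized(string $value): bool
{
    return (bool) preg_match('/^(?:[bidsaO]:|N;)/', $value);
}

// VULNERABLE: "convert serialized values" by handing the raw string straight to
// unserialize(). Every "O:" token instantiates the named class with
// attacker-chosen properties, so its __wakeup()/__destruct() gadgets run.
function convert_serialized_value_vulnerable(string $value)
{
    if (!looks_serialized($value)) {
        return $value;
    }
    return @unserialize($value);
}

// HARDENED: an export only needs data, so forbid class instantiation entirely.
// allowed_classes => false turns every object token into __PHP_Incomplete_Class,
// whose magic methods are never invoked. Any payload that still contains an
// object is handed back as the original raw string rather than "converted".
function convert_serialized_value_safe(string $value)
{
    if (!looks_serialized($value)) {
        return $value;
    }
    $decoded = @unserialize($value, ['allowed_classes' => false]);
    if ($decoded === false && $value !== 'b:0;') {
        return $value; // malformed input: keep the raw string, do not guess
    }
    return contains_object($decoded) ? $value : $decoded;
}

// Walk the decoded value and report whether any object survived. The explicit
// instanceof check covers PHP versions before 7.2, where is_object() returned
// false for __PHP_Incomplete_Class.
function contains_object($data): bool
{
    if ($data instanceof __PHP_Incomplete_Class || is_object($data)) {
        return true;
    }
    if (is_array($data)) {
        foreach ($data as $item) {
            if (contains_object($item)) {
                return true;
            }
        }
    }
    return false;
}

// Demonstration: the vulnerable path instantiates the attacker's object, the
// hardened path leaves that payload as an opaque string, and ordinary
// serialized arrays still convert as intended.
var_dump(convert_serialized_value_vulnerable(ATTACKER_META_VALUE));
var_dump(convert_serialized_value_safe(ATTACKER_META_VALUE));
var_dump(convert_serialized_value_safe(BENIGN_META_VALUE));
```

The rule this encodes is general: never call `unserialize()` on data an unauthenticated user can influence without `['allowed_classes' => false]`, and prefer JSON for any new data the plugin stores itself. Disabling the conversion option removes the trigger on an unpatched site, but the export still reads the same attacker-controlled meta, so updating the plugin is the real fix.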
History
Wed, 13 Nov 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared | | Algolplus; Algolplus advanced Order Export |
CPEs | | cpe:2.3:a:algolplus:advanced_order_export:*:*:*:*:*:wordpress:*:* |
Vendors & Products | | Algolplus; Algolplus advanced Order Export |
Metrics | | ssvc |
Wed, 13 Nov 2024 03:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | | The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted input during Order export when the "Try to convert serialized values" option is enabled. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). |
Title | | Advanced Order Export For WooCommerce <= 3.5.5 - Unauthenticated PHP Object Injection via Order Details |
Weaknesses | | CWE-502 |
References | | |
Metrics | | cvssV3_1 |
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2024-11-13T03:20:06.973Z
Updated: 2024-11-13T16:18:19.133Z
Reserved: 2024-11-04T22:22:16.244Z
Link: CVE-2024-10828
Vulnrichment
Updated: 2024-11-13T16:18:13.333Z
NVD
Status : Awaiting Analysis
Published: 2024-11-13T04:15:04.727
Modified: 2024-11-13T17:01:16.850
Link: CVE-2024-10828
Redhat
No data.