Unrestricted Upload of File with Dangerous Type vulnerability in Helloprint Plug your WooCommerce into the largest catalog of customized print products from Helloprint allows Upload a Web Shell to a Web Server.This issue affects Plug your WooCommerce into the largest catalog of customized print products from Helloprint: from n/a through 2.0.2.
History

Wed, 06 Nov 2024 16:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:helloprint:helloprint:*:*:*:*:*:wordpress:*:*

Mon, 04 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Helloprint
Helloprint helloprint
CPEs cpe:2.3:a:helloprint:helloprint:-:*:*:*:*:wordpress:*:*
Vendors & Products Helloprint
Helloprint helloprint
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 04 Nov 2024 14:00:00 +0000

Type Values Removed Values Added
Description Unrestricted Upload of File with Dangerous Type vulnerability in Helloprint Plug your WooCommerce into the largest catalog of customized print products from Helloprint allows Upload a Web Shell to a Web Server.This issue affects Plug your WooCommerce into the largest catalog of customized print products from Helloprint: from n/a through 2.0.2.
Title WordPress Helloprint plugin <= 2.0.2 - Arbitrary File Upload vulnerability
Weaknesses CWE-434
References
Metrics cvssV3_1

{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2024-11-04T13:44:28.143Z

Updated: 2024-11-04T15:32:30.945Z

Reserved: 2024-10-24T07:27:19.970Z

Link: CVE-2024-50525

cve-icon Vulnrichment

Updated: 2024-11-04T15:32:26.195Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-04T14:15:14.983

Modified: 2024-11-06T15:42:52.993

Link: CVE-2024-50525

cve-icon Redhat

No data.