Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Checkout Field Editor for WooCommerce (Pro) Arbitrary File Deletion - CVE-2024-35658 - Vulnerability Database
WP Plugin Woocommerce Checkout Field Editor Pro

WordPress Plugin Checkout Field Editor for WooCommerce (Pro) Arbitrary File Deletion - CVE-2024-35658

Critical
Reference: CVE-2024-35658
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-35658
Title: WordPress Plugin Checkout Field Editor for WooCommerce (Pro) Arbitrary File Deletion
Overview:

WordPress Plugin Checkout Field Editor for WooCommerce (Pro) is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to delete arbitrary files in the context of the webserver process. WordPress Plugin Checkout Field Editor for WooCommerce (Pro) version 3.6.2 is vulnerable prior versions may also be affected.