CVSS: 4.3EPSS: %CPEs: 1EXPL: 0CVE-2023-40334 – HUSKY – Products Filter for WooCommerce (formerly WOOF) <= 1.3.4.2 - Missing Authorization via woof_meta_get_keys()
https://notcve.org/view.php?id=CVE-2023-40334
The HUSKY – Products Filter for WooCommerce (formerly WOOF) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the woof_meta_get_keys() function in versions up to, and including, 1.3.4.2. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve meta key values. • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2018-8710 – WOOF - Products Filter for WooCommerce <= 1.1.9 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-8710
A remote code execution issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woof_redraw_woof action. The plugin implemented a page redraw AJAX function accessible to anyone without any authentication. WordPress shortcode markup in the "shortcode" parameters would be evaluated. Normally unauthenticated users can't evaluate shortcodes as they are often sensitive. Se ha descubierto un problema de ejecución remota de código en el plugin WooCommerce Products Filter (también conocido como WOOF), en versiones anteriores a la 2.2.0, para WordPress, tal y como demuestra el parámetro shortcode en una acción woof_redraw_woof. • https://sec-consult.com/en/blog/advisories/arbitrary-shortcode-execution-local-file-inclusion-in-woof-pluginus-net/index.html https://wordpress.org/plugins/woocommerce-products-filter/#developers https://www.woocommerce-filter.com/update-woocommerce-products-filter-v-2-2-0 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-8711 – WOOF - Products Filter for WooCommerce <= 1.1.9 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2018-8711
A local file inclusion issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woof_redraw_woof action. The vulnerability is due to the lack of args/input validation on render_html before allowing it to be called by extract(), a PHP built-in function. Because of this, the supplied args/input can be used to overwrite the $pagepath variable, which then could lead to a local file inclusion attack. Se ha descubierto un problema de inclusión de archivos locales en el plugin WooCommerce Products Filter (también conocido como WOOF), en versiones anteriores a la 2.2.0, para WordPress, tal y como demuestra el parámetro shortcode en una acción woof_redraw_woof. La vulnerabilidad se debe a la falta de validación de argumentos/entradas en render_html antes de permitir que sea llamado por extract(), una función ya integrada en PHP. • https://sec-consult.com/en/blog/advisories/arbitrary-shortcode-execution-local-file-inclusion-in-woof-pluginus-net/index.html https://wordpress.org/plugins/woocommerce-products-filter/#developers https://www.woocommerce-filter.com/update-woocommerce-products-filter-v-2-2-0 • CWE-20: Improper Input Validation CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •