The WooCommerce Help Scout WordPress plugin prior to 2.9.1 (woocommerce.com/products/woocommerce-help-scout/) allows unauthenticated users to upload any files to the site which by default will end up in wp-content/uploads/hstmp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
woocommerce help scout |