The Wholesale Market for WooCommerce WordPress plugin prior to 1.0.7 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated malicious users to download arbitrary file from the server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cedcommerce wholesale market for woocommerce |