|Category:||Web application abuses|
|Title:||WordPress WooCommerce Plugin RCE Vulnerability (Windows)|
|Summary:||The host is installed with the WooCommerce; Plugin for Wordpress and is prone to a remote code execution vulnerability.|
The host is installed with the WooCommerce
Plugin for Wordpress and is prone to a remote code execution vulnerability.
A flaw in the way WordPress handles privileges can lead to a privilege escalation
in the plugin. The vulnerability allows shop managers to delete certain files on the server and then to take over
any administrator account.
WooCommerce plugin for Wordpress prior to version 3.4.6 on Windows.
Upgrade to version 3.4.6 or later.
Common Vulnerability Exposure (CVE) ID: CVE-2018-20714|
|Copyright||This script is Copyright (C) 2018 Greenbone Networks GmbH|
|This is only one of 73533 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.