Severity Rating: CRITICAL
Software Affected
YITH WooCommerce Gift Cards premium plugin for WordPress version prior to 3.19.0
Overview
A
vulnerability has been reported in YITH WooCommerce Gift Cards Premium
plugin for WordPress which could allow an attacker to execute arbitrary
code on the targeted system.
Description
This
vulnerability exists in YITH WooCommerce Gift Cards Premium plugin for
WordPress due to an improper validation of file, during file upload. An
attacker can exploit this vulnerability by uploading a malicious file.
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the target system.
Solution
Upgrade to the latest versions of WordPress as mentioned in the advisory:
Vendor Information
WordPress
References
WordPress
CVE Name
CVE-2022-45359
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.