19 Sep

Arbitrary File Upload Vulnerability in WooCommerce Extra Fields

After discovering an arbitrary file upload vulnerability in the plugin N-Media Post Front-end Form recently, we took a look at other plugins from the same developer and found that three other shared same the same vulnerable code. One of those was WooCommerce Extra Fields (which has now been renamed WooCommerce Product Addons).

[Read more]