CVE-2024-3934

20 Jul 2024

Título es

CVE-2024-3934

Sáb, 20/07/2024 – 04:15

Tipo

CWE-22

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-3934

Descripción en

The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to Path Traversal in versions 7.3.0 to 7.5.1 via the mercadopagoDownloadLog function. This makes it possible for authenticated attackers, with subscriber-level access and above, to download and read the contents of arbitrary files on the server, which can contain sensitive information. The arbitrary file download was patched in 7.5.1, while the missing authorization was corrected in version 7.6.2.

20/07/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://plugins.trac.wordpress.org/browser/woocommerce-mercadopago/trunk/src/Admin/Settings.php#L663

https://plugins.trac.wordpress.org/changeset/3098023/woocommerce-mercadopago/trunk/src/IO/Downloader.php?old=3078706&old_path=woocommerce-mercadopago/trunk/src/IO/Downloader.php

https://plugins.trac.wordpress.org/changeset/3119214/woocommerce-mercadopago/tags/7.6.2/src/IO/Downloader.php?old=3108278&old_path=woocommerce-mercadopago/tags/7.6.1/src/IO/Downloader.php

https://www.wordfence.com/threat-intel/vulnerabilities/id/1674e81e-6a75-436c-b219-8ec0a484a134?source=cve