Security Advisory

CVE-2020-35627

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-28 14:36:30

Last updated 2024-08-04 17:09:14

Assigner mitre

State PUBLISHED

Description

Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can remotely execute arbitrary code. Once it contains the function "Custom Gift Card Template", the function of uploading a custom image is used, changing the name of the image extension to PHP and executing PHP code on the server.

← Browse all CVEs View on cve.org ↗