Vulnerability Description
A local file inclusion issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woof_redraw_woof action. The vulnerability is due to the lack of args/input validation on render_html before allowing it to be called by extract(), a PHP built-in function. Because of this, the supplied args/input can be used to overwrite the $pagepath variable, which then could lead to a local file inclusion attack.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Woocommerce-Filter | Woocommerce Products Filter | < 2.2.0 |
Related Weaknesses (CWE)
References
- https://sec-consult.com/en/blog/advisories/arbitrary-shortcode-execution-local-fThird Party Advisory
- https://wordpress.org/plugins/woocommerce-products-filter/#developersRelease Notes
- https://www.woocommerce-filter.com/update-woocommerce-products-filter-v-2-2-0/Vendor Advisory
- https://sec-consult.com/en/blog/advisories/arbitrary-shortcode-execution-local-fThird Party Advisory
- https://wordpress.org/plugins/woocommerce-products-filter/#developersRelease Notes
- https://www.woocommerce-filter.com/update-woocommerce-products-filter-v-2-2-0/Vendor Advisory
FAQ
What is CVE-2018-8711?
CVE-2018-8711 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A local file inclusion issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woof_redraw_woof action. Th...
How severe is CVE-2018-8711?
CVE-2018-8711 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-8711?
Check the references section above for vendor advisories and patch information. Affected products include: Woocommerce-Filter Woocommerce Products Filter.