Lucene search
GoogleOSV:CVE-2018-20714HistoryJan 15, 2019 - 4:29 p.m.
CVE-2018-20714
2019-01-1516:29:00
Google
osv.dev
4
The logging system of the Automattic WooCommerce plugin before 3.4.6 for WordPress is vulnerable to a File Deletion vulnerability. This allows deletion of woocommerce.php, which leads to certain privilege checks not being in place, and therefore a shop manager can escalate privileges to admin.
Related
openvas
openvas
WordPress WooCommerce Plugin < 3.4.6 RCE Vulnerability
2018-11-13 00:00:00
WordPress WooCommerce Plugin RCE Vulnerability - Windows
2018-11-13 00:00:00
cve
cve
CVE-2018-20714
2019-01-15 16:29:00
nvd
nvd
CVE-2018-20714
2019-01-15 16:29:00
wpvulndb
wpvulndb
WooCommerce <= 3.4.5 - Authenticated File Deletion to Privilege Escalation
2018-10-11 00:00:00
prion
prion
Arbitrary file deletion
2019-01-15 16:29:00
veracode
veracode
Directory Traversal
2019-01-16 07:34:44
cvelist
cvelist
CVE-2018-20714
2019-01-15 16:00:00