Vulnerability — CVE-2020-36696

CVE-2020-36696

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2020-36696
Description:: The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handle_downloads() function in versions up to, and including, 1.2.6. This makes it possible for unauthenticated attackers to download files from the vulnerable service.
Last updated date:: 06/12/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 06/12/2023
Reference url to background: https://blog.nintechnet.com/high-severity-vulnerability-fixed-in-product-input-fields-for-woocommerce/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 06/12/2023
Reference url to background: https://wpscan.com/vulnerability/15f345e6-fc53-4bac-bc5a-de898181ea74