Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Woocommerce Subscribe
Filtered by product Gift Cards
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-35627 1 Woocommerce 1 Gift Cards 2020-12-30 7.5 HIGH 8.8 HIGH
Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can remotely execute arbitrary code. Once it contains the function "Custom Gift Card Template", the function of uploading a custom image is used, changing the name of the image extension to PHP and executing PHP code on the server.