Vulnerabilities > Woocommerce > Upload Files > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-04-05 CVE-2021-24171 Unrestricted Upload of File with Dangerous Type vulnerability in Woocommerce Upload Files
The WooCommerce Upload Files WordPress plugin before 59.4 ran a single sanitization pass to remove blocked extensions such as .php.
network
low complexity
woocommerce CWE-434
critical
9.8