Fu2X2000

#36996 of 53,619
7.5 Total CVSS
Vulnerabilities · 1
PT-2017-14691
7.5
2017-11-29
Automattic · Woocommerce · CVE-2017-17058
**Name of the Vulnerable Software and Affected Versions**

WooCommerce plugin versions 3.x

**Description**

The issue concerns a Directory Traversal vulnerability via the `/wp-content/plugins/woocommerce/templates/emails/plain/` URI, which could potentially allow access to a parent directory. However, a software maintainer notes that Directory Traversal is not possible due to the presence of `if (!defined('ABSPATH')) {exit;}` code in all template files.

**Recommendations**

For WooCommerce plugin versions 3.x, consider restricting access to the `/wp-content/plugins/woocommerce/templates/emails/plain/` URI to minimize potential risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.