PT-2023-15995 · WordPress · Customer Reviews For Woocommerce

Lana Codes · Published 2023-02-13 · Updated 2023-02-21 · CVE-2023-0080

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Customer Reviews for WooCommerce WordPress plugin, versions prior to 5.16.0

Description: The issue allows users with a contributor role and above to include arbitrary files via a path traversal attack, because one of the plugin's shortcode attributes is not validated. This could enable them to read non-PHP files and retrieve their content. Remote Code Execution (RCE) could also be achieved if an attacker manages to upload a malicious image containing PHP code and then includes it via the affected attribute. On a default WordPress install, authors could easily achieve this, since they have the upload file capability.

Recommendations: For versions prior to 5.16.0, update to version 5.16.0 or later to resolve the issue. As a temporary workaround, consider restricting the upload file capability for authors and contributors to minimize the risk of exploitation. Additionally, restrict access to the vulnerable shortcode attribute to prevent arbitrary file inclusion.
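As an added illustration (not the plugin's own code), the unsafe pattern behind this class of issue next to a hardened template lookup that a shortcode handler can use; the function names, the `template` attribute and the templates directory are assumptions:

```php
<?php
// Added example, not code from the Customer Reviews for WooCommerce plugin.
// Hypothetical attribute "template" selects a PHP file to render.

// Unsafe pattern: the attribute value becomes part of an include path, so a
// value containing "../" escapes $base_dir (the traversal described above).
function insecure_template_path( string $base_dir, string $template ): string {
    return $base_dir . '/' . $template . '.php';
}

// Hardened lookup: fixed allowlist of template names, then a canonical-path
// check that the resolved file still lives inside $base_dir.
function secure_template_path( string $base_dir, string $template ): ?string {
    $allowed = array( 'default', 'compact', 'grid' ); // assumed template set
    if ( ! in_array( $template, $allowed, true ) ) {
        return null; // unknown name: never build a path from it
    }
    $root = realpath( $base_dir );
    $path = realpath( $base_dir . '/' . $template . '.php' );
    if ( false === $root || false === $path ) {
        return null; // directory or file does not exist
    }
    // Prefix check on canonical paths defeats symlinks and ".." segments.
    if ( strpos( $path, $root . DIRECTORY_SEPARATOR ) !== 0 ) {
        return null;
    }
    return $path;
}

// Hypothetical shortcode handler built on the hardened lookup. Plain
// array_merge stands in for WordPress's shortcode_atts() so this runs offline.
function example_reviews_shortcode( array $atts ): string {
    $atts = array_merge( array( 'template' => 'default' ), $atts );
    $file = secure_template_path( __DIR__ . '/templates', (string) $atts['template'] );
    if ( null === $file ) {
        return ''; // render nothing rather than include an arbitrary file
    }
    ob_start();
    include $file;
    return (string) ob_get_clean();
}
```

With the allowlist in place, uploaded images and other user-controlled files can never be selected, which is what closes the RCE path the description mentions.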

Related Identifiers

CVE-2023-0080

Affected Products

Customer Reviews For Woocommerce