PT-2024-10891 · WordPress · Currency Switcher For Woocommerce

Marc Montpas · Published 2024-01-16 · Updated 2024-10-23 · CVE-2021-24566

CVSS v3.1: 8.8 High
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions
WooCommerce Currency Switcher FOX WordPress plugin versions prior to 1.3.7

Description
The issue is a Local File Inclusion (LFI) vulnerability. In an LFI attack, an attacker tricks the application into exposing or running files on the server that they should not have access to. This vulnerability can be exploited via the woocs shortcode.

Recommendations
For versions prior to 1.3.7, update to version 1.3.7 or later to resolve the issue. As a temporary workaround, consider restricting the use of the woocs shortcode until the update is applied.

Exploit

Fix

Weakness Enumeration: Path traversal

Related Identifiers: CVE-2021-24566

Affected Products: Currency Switcher For Woocommerce