CVE-2024-28394

Name of the Vulnerable Software and Affected Versions Advanced Plugins reportsstatistics versions 1.3.20 and earlier

Description An issue in Advanced Plugins reportsstatistics allows a remote attacker to execute arbitrary code via the Sales Reports, Statistics, Custom Fields & Export module.

Recommendations For versions 1.3.20 and earlier, update to a version later than 1.3.20 to resolve the issue. As a temporary workaround, consider disabling the Sales Reports, Statistics, Custom Fields & Export module until a patch is available. Restrict access to the module to minimize the risk of exploitation.