PT-2024-34302 · Unknown · Woocommerce+1

Stealthcopter · Published 2024-11-04 · Updated 2024-11-06 · CVE-2024-50525

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Plug your WooCommerce into the largest catalog of customized print products from Helloprint, versions n/a through 2.0.2
Description: The issue is an unrestricted upload of files with dangerous types, which allows an attacker to upload a web shell to the web server. It can be exploited by uploading malicious files, potentially leading to server compromise. The estimated number of potentially affected devices is not specified.
Recommendations: Update to version 2.0.3 to fix the vulnerability. As a temporary workaround, consider restricting file uploads or disabling the vulnerable plugin until the update is applied.

Fix

Unrestricted File Upload

Weakness Enumeration

Related Identifiers: CVE-2024-50525

Affected Products: Helloprint, Woocommerce