VYPR
Unrated severityNVD Advisory· Published Jun 10, 2024· Updated Apr 28, 2026

WordPress Checkout Field Editor for WooCommerce (Pro) plugin <= 3.6.2 - Unauthenticated Arbitrary File Deletion vulnerability

CVE-2024-35658

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeHigh Checkout Field Editor for WooCommerce (Pro) allows Functionality Misuse, File Manipulation.This issue affects Checkout Field Editor for WooCommerce (Pro): from n/a through 3.6.2.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.