Unrated severityNVD Advisory· Published Jun 10, 2024· Updated Apr 28, 2026
WordPress Checkout Field Editor for WooCommerce (Pro) plugin <= 3.6.2 - Unauthenticated Arbitrary File Deletion vulnerability
CVE-2024-35658
Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeHigh Checkout Field Editor for WooCommerce (Pro) allows Functionality Misuse, File Manipulation.This issue affects Checkout Field Editor for WooCommerce (Pro): from n/a through 3.6.2.
Affected products
2<=3.6.2+ 1 more
- (no CPE)range: <=3.6.2
- (no CPE)range: n/a
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.