CVE-2024-54262

CRITICAL

Siddharth Nagar Import Export For WooCommerce <1.5 - RCE

Title source: llm

Description

Unrestricted Upload of File with Dangerous Type vulnerability in sidngr Import Export For WooCommerce import-export-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Import Export For WooCommerce: from n/a through <= 1.6.2.

Exploits (3)

github WORKING POC
by Boshe99 · pythonpoc
https://github.com/Boshe99/CVE-Exploits/tree/main/CVE-2024-54262
nomisec WORKING POC
by Nxploited · poc
https://github.com/Nxploited/CVE-2024-54262
nomisec WORKING POC
by RandomRobbieBF · poc
https://github.com/RandomRobbieBF/CVE-2024-54262

References (2)

Scores

CVSS v3 9.9
EPSS 0.4842
EPSS Percentile 97.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-434
Status published
Products (2)
Siddharth Nagar/Import Export For WooCommerce < 1.5
sidngr/Import Export For WooCommerce < 1.6.2
Published Dec 13, 2024
Tracked Since Feb 18, 2026