What the vulnerability does
01Description
Path Traversal: '.../...//' vulnerability in primersoftware Primer MyData for Woocommerce primer-mydata allows Path Traversal.This issue affects Primer MyData for Woocommerce: from n/a through <= 4.2.8.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
What the vulnerability does
Path Traversal: '.../...//' vulnerability in primersoftware Primer MyData for Woocommerce primer-mydata allows Path Traversal.This issue affects Primer MyData for Woocommerce: from n/a through <= 4.2.8.
Explanation of Vulnerability in Simple Terms
Primer MyData for WooCommerce versions 4.2.8 and earlier contain a path traversal or information disclosure vulnerability accessible over the network without authentication. An attacker can read sensitive data from the affected system. The vulnerability requires no user interaction and affects confidentiality but not integrity or availability.
What an attacker can do
Read sensitive data from the site without logging in.
Potential impact on your site
Attackers can access confidential information stored by the plugin without needing valid credentials.
Conditions required to exploit
Network access to the site; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities