Security Links
The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the validate_product_input_fields_on_add_to_cart function in versions 4.0.1 to 7.2.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
#DISCUSSION
Reddit Blackhat

Hacking techniques and research. Focused on the ongoing discussion and documentation of vulnerabilities and exploitation techniques. Please read the rules before posting here.

https://www.reddit.com/r/blackhat/