Fortinet Discovers WordPress Plugin WooCommerce Store Exporter CSV Injection Vulnerability
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Jan 06, 2020
Update the plugin to the latest version (v2.4).
Fortinet reported the vulnerability to Visser Labs on January 02, 2020.
Visser Labs confirmed the vulnerability on January 03, 2020.
Visser Labs patched the vulnerability on January 06, 2020.
This vulnerability was discovered by Vishnupriya Ilango of Fortinet's FortiGuard Labs.