CVE-2024-10486

Published Nov 18, 2024

Last updated 3 months ago

CVSS medium 5.3

Overview

Description
The Google for WooCommerce plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.8.6. This is due to publicly accessible print_php_information.php file. This makes it possible for unauthenticated attackers to retrieve information about Webserver and PHP configuration, which can be used to aid other attacks.
Source
security@wordfence.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
5.3
Impact score
1.4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity
MEDIUM

Weaknesses

security@wordfence.com
CWE-862

Social media

Hype score
Not currently trending

  1. 📢【重要なお知らせ】 WordPressのプラグイン「Google for WooCommerce」に脆弱性が発見されました!(CVE-2024-10486) 旧バージョン(2.8.6以下)をお使いの方は、直ちに最新版(2.8.7)へ更新をお願いします⚠️ 🔒 詳細はこちら → https://t.co/pDU0DY0h0U #WordPress #セキュリティ #WooCommerce https://t.co/pgIXYiaquj

    @ibnagasaki

    25 Nov 2024

    41 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 CVE-2024-10486 (Published: 2024-11-18) - High severity vulnerability in Google Listings and Ads plugin (versions affected: 2.8.6). Remediation is crucial! Ensure you update to the latest version to protect your site. More info: [Google Ads PHP Info](https://t.co/6hXjgVxzwo)… h

    @transilienceai

    22 Nov 2024

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 CVE-2024-10486 (Published: 2024-11-18) - High severity vulnerability in Google Listings and Ads plugin (versions prior to 2.8.6). Ensure your site is secure by updating to the latest version. For more details, check the remediation guide: https://t.co/6hXjgVxzwo #WordPress… ht

    @transilienceai

    22 Nov 2024

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2024-10486 Information Disclosure Vulnerability in Google for WooCommerce Plugin The Google for WooCommerce plugin for WordPress has an Information Disclosure vulnerability in versions up to 2.8.6. This is be... https://t.co/LY4YL2F2mc

    @VulmonFeeds

    19 Nov 2024

    73 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  5. CVE-2024-10486 The Google for WooCommerce plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.8.6. This is due to publicly accessibl… https://t.co/hEEniqVdy5

    @CVEnew

    18 Nov 2024

    135 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References