Description
WordPress Plugin Grow by Tradedoubler-Advertiser for WooCommerce is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Grow by Tradedoubler-Advertiser for WooCommerce version 2.0.21 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.0.22 or latest
References
Related Vulnerabilities
Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003049)
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-1111)
Jetty Integer Overflow or Wraparound Vulnerability (CVE-2023-36478)
Oracle Application Server Other Vulnerability (CVE-2006-5357)