WordPress Themify – WooCommerce Product Filter Plugin Security Update Advisory

Jun 25 2024

Overview

An update has been released to address vulnerability in the WordPress Themify – WooCommerce Product Filter plugin. Users of affected versions are advised to update to the latest version.

Affected Products

WordPress Themify – WooCommerce Products version 1.4.9 or below

Resolved Vulnerabilities

Time-based SQL Injection vulnerability via ‘conditions’ parameter in Themify for WordPress – WooCommerce Product Filter plugin (CVE-2024-6027)

Vulnerability Patches

Vulnerability Patches have been made available with the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

WordPress Themify – WooCommerce product version 15.0 or later

Referenced Sites

[1] CVE-2024-6027 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-6027

[2] WordPress Themify – WooCommerce Product Filter Plugin <= 1.4.9 is vulnerable to SQL Injection

https://patchstack.com/database/vulnerability/themify-wc-product-filter/wordpress-themify-woocommerce-product-filter-plugin-1-4-9-unauthenticated-sql-injection-via-conditions-parameter-vulnerability

WordPress Themify – WooCommerce Product Filter Plugin Security Update Advisory

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Nextcloud Server Security Update Advisory

Apple Product Family June 2024 First Security Notice

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Tags:

Nextcloud Server Security Update Advisory

Apple Product Family June 2024 First Security Notice