CVE-2025-49887 - CERT CVE

  1. CVE-2025-49887

ID CVE-2025-49887
Sažetak Improper Control of Generation of Code ('Code Injection') vulnerability in WPFactory Product XML Feed Manager for WooCommerce allows Remote Code Inclusion. This issue affects Product XML Feed Manager for WooCommerce: from n/a through 2.9.3.
Reference
CVSS
Base: 9.9
Impact: 6.0
Exploitability:3.1
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Zadnje važnije ažuriranje 14-08-2025 - 13:11
Objavljeno 14-08-2025 - 11:15