NS WooCommerce Watermark WordPress Plugin Allows Malicious Image Loading and Domain Hiding

NS WooCommerce Watermark WordPress Plugin Allows Malicious Image Loading and Domain Hiding

CVE-2022-0989 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

An unprivileged user could use the functionality of the NS WooCommerce Watermark WordPress plugin through 2.11.3 to load images that hide malware for example from passing malicious domains to hide their trace, by making them pass through the vulnerable domain.

Learn more about our Wordpress Pen Testing.