WooZone - WooCommerce Amazon Affiliates [Authenticated Unrestricted Create/Update Admin User Password]
WordPress Plugins Authenticated Unrestricted Create/Update Admin User Password
WooZone - WooCommerce Amazon Affiliates [Authenticated Remote Code Execution]
WordPress Plugins Authenticated Remote Code Execution RCE
rtMedia for WordPress, BuddyPress and bbPress [Unauthenticated File Upload]
WordPress Plugins Unauthenticated File Upload
WooZone - WooCommerce Amazon Affiliates [Local File Disclosure]
WordPress Plugins Local File Disclosure
WooZone - WooCommerce Amazon Affiliates [Arbitrary File Upload]
This vulnerability exploits the lack of security checks when performing actions through WooZoneRemoteSupportRequest AJAX action, in order to perform an Arbitrary File Upload attack.