CVE-2020-35627

8.8 HIGH

📋 TL;DR

This vulnerability in Ultimate WooCommerce Gift Cards allows attackers to upload malicious PHP files disguised as images, leading to remote code execution on the server. It affects WooCommerce sites using the vulnerable gift card plugin version. Attackers can take full control of affected web servers.

💻 Affected Systems

Products:
  • Ultimate WooCommerce Gift Cards (Giftware)
Versions: 3.0.2 and likely earlier versions
Operating Systems: All platforms running WordPress/WooCommerce
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the Custom Gift Card Template feature to be enabled and accessible.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete server compromise allowing data theft, defacement, malware deployment, and lateral movement to other systems.

🟠 Likely Case: Webshell installation leading to data exfiltration, cryptocurrency mining, or ransomware deployment.

🟢 If Mitigated: File upload blocked or PHP execution prevented in upload directories.

🌐 Internet-Facing: HIGH - Web applications are directly accessible from the internet.
🏢 Internal Only: MEDIUM - Internal applications could be exploited via phishing or compromised internal systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires access to the gift card template upload function, which typically requires some level of authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.0.3 or later

Vendor Advisory: https://makewebbetter.com/product/giftware-woocommerce-gift-cards/

Restart Required: No

Instructions:

1. Update Ultimate WooCommerce Gift Cards plugin to version 3.0.3 or later.
2. In WordPress admin, go to Plugins.
3. Find Ultimate WooCommerce Gift Cards.
4. Click Update Now.
5. Verify update completes successfully.

🔧 Temporary Workarounds

Disable Custom Gift Card Template

Platform: all

Temporarily disable the vulnerable feature until patching.

Restrict PHP Execution in Upload Directory

Platform: linux

Add the following .htaccess rule to the directory that receives uploaded templates so that Apache refuses to serve PHP files from it. This does not stop the upload itself; it stops an uploaded file from being executed when requested.

# Apache 2.2 syntax; on Apache 2.4 without mod_access_compat use
# "Require all denied" in place of "Deny from all"
<FilesMatch "\.(php|php5|php7|phtml)$">
    Deny from all
</FilesMatch>

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block file uploads with PHP extensions.
  • Restrict access to the gift card template upload function to trusted administrators only.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin > Plugins > Ultimate WooCommerce Gift Cards version. If the version is 3.0.2 or earlier, the system is vulnerable.

Check Version:

wp plugin list --name=woocommerce-gift-cards --field=version

The --name filter matches the plugin slug (its directory name under wp-content/plugins), not the display title; the slug above is taken from the plugin path listed under Network Indicators below, so substitute the directory name actually present on the site.

Verify Fix Applied:

Confirm plugin version is 3.0.3 or later in WordPress admin plugins page.

📡 Detection & Monitoring

Log Indicators:

  • File uploads with .php extension to gift card template directories
  • Unusual POST requests to gift card template endpoints
  • Webshell creation timestamps in upload directories

Network Indicators:

  • POST requests with file uploads to /wp-content/plugins/woocommerce-gift-cards/
  • Unexpected outbound connections from web server

SIEM Query:

source="web_server" AND ((uri_path="*gift*card*template*" AND method="POST") OR (file_extension="php" AND upload_directory="*gift*card*"))

The outer parentheses matter: without them the OR binds more loosely than the AND, so the second clause would match events from any source, not just the web server.
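The log and network indicators above, and the SIEM query, can be checked offline with a small script. The following is an added example (not part of the advisory and not the plugin's code): it flags POSTs to gift-card template endpoints and PHP files served from the uploads tree in access-log lines, and classifies stored files that carry an image name but PHP content, which is the "PHP disguised as an image" pattern the advisory describes. The admin-ajax action name, the upload sub-directory, and all log lines and file contents are constructed samples, not indicators from a real incident.

```python
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional

# Apache/nginx combined log format; only the fields needed here are captured.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
# Mirrors the advisory's "*gift*card*template*" wildcard (assumed endpoint shape).
TEMPLATE_PATH_RE = re.compile(r"gift.*card.*template", re.IGNORECASE)
# Extensions that PHP engines commonly execute.
PHP_EXT_RE = re.compile(r"\.(php\d?|phtml|phar)(?=[?/]|$)", re.IGNORECASE)

IMAGE_MAGIC = (b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n", b"GIF87a", b"GIF89a")
IMAGE_EXTS = {"jpg", "jpeg", "png", "gif"}


@dataclass
class Finding:
    source: str   # "access_log" or "upload_dir"
    reason: str   # short tag suitable for alert routing
    detail: str   # what was matched


def suspicious_requests(log_lines: Iterable[str]) -> List[Finding]:
    """Flag POSTs to gift-card template endpoints and PHP requests under uploads."""
    findings: List[Finding] = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m["path"]
        if m["method"] == "POST" and TEMPLATE_PATH_RE.search(path):
            findings.append(Finding("access_log", "post_to_template_endpoint", f"{m['ip']} {path}"))
        # WordPress never needs to execute PHP from the uploads tree, so a served
        # .php there is a strong webshell indicator regardless of status code.
        if "/wp-content/uploads/" in path and PHP_EXT_RE.search(path):
            findings.append(Finding("access_log", "php_served_from_uploads", f"{m['ip']} {path}"))
    return findings


def classify_upload(name: str, data: bytes) -> Optional[str]:
    """Return a reason tag when a stored file looks like PHP rather than an image, else None."""
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    if PHP_EXT_RE.search("." + ext):
        return "php_extension_in_upload_dir"
    if ext in IMAGE_EXTS and not data.startswith(IMAGE_MAGIC):
        return "image_name_without_image_signature"
    # Heuristic: a valid image header followed by a PHP open tag is the classic
    # polyglot used to pass magic-byte checks; legitimate images rarely contain one.
    if b"<?php" in data or b"<?=" in data:
        return "php_open_tag_in_upload"
    return None


def scan_files(files: Dict[str, bytes]) -> Dict[str, str]:
    """Map each flagged file name to its reason tag; clean files are omitted."""
    return {name: reason for name, data in files.items() if (reason := classify_upload(name, data))}


# Constructed sample data (not from a real incident).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jan/2021:12:00:01 +0000] "POST /wp-admin/admin-ajax.php?action=gift_card_template_upload HTTP/1.1" 200 512',
    '203.0.113.5 - - [10/Jan/2021:12:00:09 +0000] "GET /wp-content/uploads/gift-card-templates/template.php HTTP/1.1" 200 44',
    '198.51.100.7 - - [10/Jan/2021:12:01:00 +0000] "GET /product/gift-card/ HTTP/1.1" 200 9001',
    '198.51.100.7 - - [10/Jan/2021:12:01:05 +0000] "GET /wp-content/uploads/2021/01/banner.png HTTP/1.1" 200 30210',
]
SAMPLE_FILES = {
    "banner.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 32,            # genuine image header
    "template.jpg": b"<?php echo 'placeholder'; ?>",              # PHP behind an image name
    "logo.gif": b"GIF89a" + b"\x00" * 8 + b"<?php echo 1; ?>",    # image header + PHP tag
    "card.php": b"<?php echo 1; ?>",                               # plain PHP file
}

if __name__ == "__main__":
    for f in suspicious_requests(SAMPLE_LOG):
        print(f"[{f.source}] {f.reason}: {f.detail}")
    for name, reason in scan_files(SAMPLE_FILES).items():
        print(f"[upload_dir] {reason}: {name}")
```

Point `suspicious_requests` at real access-log lines and `scan_files` at the bytes of files under the plugin's upload directory; the magic-byte and open-tag checks are heuristics, so treat a hit as a reason to inspect the file, not as proof of compromise on its own.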

🔗 References
