
CVE-2024-50494: Unrestricted Upload of File with Dangerous Type in Amin Omer Sudan Payment Gateway for WooCommerce

Published: Tue Oct 29 2024 (10/29/2024, 07:53:52 UTC)
Source: CVE Database V5
Vendor/Project: Amin Omer
Product: Sudan Payment Gateway for WooCommerce

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Amin Omer Sudan Payment Gateway for WooCommerce wc-sudan-payment-gateway allows Upload a Web Shell to a Web Server. This issue affects Sudan Payment Gateway for WooCommerce: from n/a through <= 1.2.2.

AI-Powered Analysis

Machine-generated threat intelligence

AI analysis last updated: 04/02/2026, 07:34:48 UTC

Technical Analysis

CVE-2024-50494 affects the Amin Omer Sudan Payment Gateway plugin for WooCommerce, versions up to and including 1.2.2. The flaw allows an attacker to upload files of dangerous types, such as executable web shells, to the web server hosting the WooCommerce site. The root cause is the plugin's failure to properly validate or restrict the types of files that can be uploaded, so malicious payloads can be placed on the server. Once a web shell is uploaded, an attacker can execute arbitrary commands remotely and potentially gain full control of the server environment, leading to data theft, website defacement, pivoting within the network, or further malware deployment. The vulnerability requires neither authentication nor user interaction, which makes it easier to exploit. Although no public exploits have been reported yet, the nature of the flaw and its ease of exploitation make it a critical risk. The plugin is used primarily by WooCommerce sites processing payments in Sudan or targeting Sudanese customers, but any site running it is at risk. No CVSS score has been assigned, so severity was assessed by expert judgement; it is rated high because of the potential for remote code execution and server compromise. No official patches or mitigation links had been published at the time of disclosure, so immediate defensive measures are needed.

Potential Impact

The impact of CVE-2024-50494 is significant for organizations using the Amin Omer Sudan Payment Gateway plugin on WooCommerce. Successful exploitation allows attackers to upload web shells, leading to remote code execution on the affected web server. This can result in full server compromise, data breaches, unauthorized access to sensitive customer and payment information, disruption of e-commerce operations, and potential reputational damage. Attackers could also use the compromised server as a pivot point to infiltrate internal networks or launch further attacks. Since the vulnerability requires no authentication, it broadens the attack surface and increases the likelihood of exploitation. Organizations operating in regions with high WooCommerce adoption and those processing payments through this gateway are particularly at risk. The absence of known exploits in the wild currently limits immediate widespread impact, but the vulnerability remains a critical threat if weaponized.

Mitigation Recommendations

To mitigate CVE-2024-50494, organizations should take the following specific actions:

1) Immediately audit all WooCommerce sites using the Amin Omer Sudan Payment Gateway plugin and identify affected versions (<= 1.2.2).
2) If an official patch becomes available, apply it without delay.
3) In the absence of a patch, disable or remove the vulnerable plugin to prevent exploitation.
4) Implement strict server-side file upload validation and filtering to block dangerous file types, especially executable scripts such as PHP or ASP.
5) Employ web application firewalls (WAFs) with rules to detect and block suspicious file upload attempts targeting this plugin.
6) Monitor web server logs and upload directories for unusual or unauthorized files, particularly web shells.
7) Restrict file upload directories with appropriate permissions and isolate them from critical system components.
8) Conduct regular security scans and penetration tests focusing on file upload functionality.
9) Educate development and operations teams about secure file handling practices.
10) Consider deploying runtime application self-protection (RASP) tools to detect and prevent exploitation attempts in real time.
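Steps 4 and 6 above share the same decision: is a given file something a payment-gateway upload directory should contain? The following added example (not code from the plugin or from this advisory) implements that check once, as an extension allowlist plus a server-executable-extension denylist, a magic-bytes comparison and a PHP open-tag search, and applies it both to an incoming upload and to a scan of files already on disk. The allowed types, the sample directory listing and the `PLACEHOLDER_UPLOADS` root are assumptions, since the page does not give the plugin's upload location.

```python
import re
from typing import List, Tuple

# Added example, not the plugin's or the advisory's code; sample paths/contents
# are constructed and PLACEHOLDER_UPLOADS stands in for the real uploads root.
# Types a payment-gateway upload (receipt, proof of transfer) plausibly needs.
ALLOWED_EXT = {"jpg", "jpeg", "png", "gif", "pdf"}
# Extensions a PHP web server executes; rejected anywhere in the name so
# "receipt.php.jpg" is caught as well as "shell.php".
EXEC_EXT = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "phps", "inc", "htaccess"}
# Leading magic bytes; the content must match the declared extension.
MAGIC = {"jpg": b"\xff\xd8\xff", "jpeg": b"\xff\xd8\xff", "png": b"\x89PNG\r\n\x1a\n",
         "gif": b"GIF8", "pdf": b"%PDF-"}
PHP_TAG = re.compile(rb"<\?(php|=)", re.IGNORECASE)

def inspect_upload(filename: str, head: bytes) -> List[str]:
    """Reasons to reject a file (empty = acceptable); `head` = its first bytes (step 4)."""
    reasons = []
    parts = filename.lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    if ext not in ALLOWED_EXT:
        reasons.append(f"extension '{ext}' not in allowlist")
    if any(p in EXEC_EXT for p in parts[1:]):
        reasons.append("server-executable extension present in name")
    if ext in MAGIC and not head.startswith(MAGIC[ext]):
        reasons.append("content does not match declared type")
    if PHP_TAG.search(head):
        reasons.append("PHP open tag found in content")
    return reasons

def scan_uploads(entries: List[Tuple[str, bytes]]) -> List[Tuple[str, List[str]]]:
    """Apply the same checks to files already on disk (step 6); return those to investigate."""
    flagged = []
    for path, head in entries:
        reasons = inspect_upload(path.rsplit("/", 1)[-1], head)
        if reasons:
            flagged.append((path, reasons))
    return flagged

SAMPLE_LISTING = [  # constructed directory listing: (path, first bytes of content)
    ("PLACEHOLDER_UPLOADS/2024/10/receipt.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF"),
    ("PLACEHOLDER_UPLOADS/2024/10/transfer.pdf", b"%PDF-1.7\n"),
    ("PLACEHOLDER_UPLOADS/2024/10/invoice.php", b"<?php /* constructed */ ?>"),
    ("PLACEHOLDER_UPLOADS/2024/10/scan.php.jpg", b"\xff\xd8\xff\xe0 <?php"),
    ("PLACEHOLDER_UPLOADS/2024/10/photo.png", b"GIF89a"),
]

if __name__ == "__main__":
    for path, reasons in scan_uploads(SAMPLE_LISTING):
        print(path, "->", "; ".join(reasons))
```

In production the `head` bytes would be read from the request body or from the file on disk, and a hit from `scan_uploads` on a directory that only ever receives receipts is worth treating as a possible web shell rather than a misnamed image.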


Technical Details

Data Version: 5.2
Assigner Short Name: Patchstack
Date Reserved: 2024-10-24T07:26:46.796Z
CVSS Version: null
State: PUBLISHED

Threat ID: 69cd74f7e6bfc5ba1df02039

Added to database: 4/1/2026, 7:41:43 PM

Last enriched: 4/2/2026, 7:34:48 AM

Last updated: 4/4/2026, 8:23:11 AM

