Lucene search
China National Vulnerability DatabaseCNVD-2023-07754HistoryNov 23, 2022 - 12:00 a.m.
WordPress Welcart eCommerce directory traversal vulnerability
2022-11-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
wordpress
welcart ecommerce
directory traversal
vulnerability
php
wordpress foundation
validity checks
sensitive information
attackers
exploit
0.016 Low
EPSS
Percentile
87.5%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Welcart eCommerce 2.7.7 and earlier versions are vulnerable to a directory traversal vulnerability, which stems from a lack of validity checks on paths when handling directory requests, and can be exploited by attackers to to obtain sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress welcart ecommerce plugin | le | 2.7.7 |
Related
cvelist
cvelist
patchstack
patchstack
nvd
nvd
CVE-2022-41840
2022-11-18 19:15:30
cve
cve
CVE-2022-41840
2022-11-18 19:15:30
prion
prion
Directory traversal
2022-11-18 19:15:00
wpvulndb
wpvulndb
Welcart eCommerce < 2.7.8 - Unauthenticated Arbitrary File Access
2022-10-20 00:00:00
Welcart e-Commerce < 2.8.5 - Unauthenticated Arbitrary File Access
2022-12-05 00:00:00
nuclei
nuclei
Welcart eCommerce <=2.7.7 - Local File Inclusion
2022-10-22 13:43:27
wpexploit
wpexploit
Welcart e-Commerce < 2.8.5 - Unauthenticated Arbitrary File Access
2022-12-05 00:00:00