Lucene search
HistoryNov 18, 2022 - 7:15 p.m.
CVE-2022-41840
cve-2022-41840
unauthenticated
directory traversal
vulnerability
welcart ecommerce
wordpress
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
0.016 Low
EPSS
Percentile
87.5%
Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on WordPress.
Affected configurations
Node
collne_inc.welcart_e-commerce_\(wordpress_plugin\)Range≤2.7.7
| CPE | Name | Operator | Version |
|---|---|---|---|
| collne:welcart_e-commerce | collne welcart e-commerce | lt | 2.7.8 |
CNA Affected
[
{
"vendor": "Collne Inc.",
"product": "Welcart e-Commerce (WordPress plugin)",
"versions": [
{
"version": "<= 2.7.7",
"status": "affected",
"lessThanOrEqual": "2.7.7",
"versionType": "custom"
}
]
}
]Social References
More
Related
patchstack
patchstack
cvelist
cvelist
cnvd
cnvd
WordPress Welcart eCommerce directory traversal vulnerability
2022-11-23 00:00:00
prion
prion
Directory traversal
2022-11-18 19:15:00
nuclei
nuclei
Welcart eCommerce <=2.7.7 - Local File Inclusion
2022-10-22 13:43:27
wpvulndb
wpvulndb
Welcart eCommerce < 2.7.8 - Unauthenticated Arbitrary File Access
2022-10-20 00:00:00
Welcart e-Commerce < 2.8.5 - Unauthenticated Arbitrary File Access
2022-12-05 00:00:00
nvd
nvd
CVE-2022-41840
2022-11-18 19:15:30
wpexploit
wpexploit
Welcart e-Commerce < 2.8.5 - Unauthenticated Arbitrary File Access
2022-12-05 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
0.016 Low
EPSS
Percentile
87.5%
Related for CVE-2022-41840