Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
jvnJapan Vulnerability NotesJVN:97197972
HistorySep 22, 2023 - 12:00 a.m.

JVN#97197972: Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"

2023-09-2200:00:00
Japan Vulnerability Notes
jvn.jp
21
wordpress
welcart e-commerce
collne inc
cve-2023-40219
cve-2023-40532
cve-2023-41233
cve-2023-41962
cve-2023-43484
cve-2023-43493
cve-2023-43610
cve-2023-43614
update
version 2.8.22
vulnerabilities
security
patch
sql injection
cross-site scripting
path traversal
file upload

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

27.1%

JSON

WordPress plugin “Welcart e-Commerce” provided by Collne Inc. contains multiple vulnerabilities listed below.

Unrestricted Upload of File with Dangerous Type (CWE-434) - CVE-2023-40219

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Base Score: 2.7
CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0

Path Traversal (CWE-22) - CVE-2023-40532

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:P/I:N/A:N Base Score: 4.0

Cross-site Scripting in registration process of Item List page (CWE-79) - CVE-2023-41233

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1
CVSS v2 AV:N/AC:M/Au:N/C:N/I:P/A:N Base Score: 4.3

Cross-site Scripting in Credit Card Payment Setup page (CWE-79) - CVE-2023-41962

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1
CVSS v2 AV:N/AC:M/Au:N/C:N/I:P/A:N Base Score: 4.3

Cross-site Scripting in Item List page (CWE-79) - CVE-2023-43484

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1
CVSS v2 AV:N/AC:L/Au:N/C:N/I:P/A:N Base Score: 4.3

SQL Injection in Item List page (CWE-89) - CVE-2023-43493

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Base Score: 6.5
CVSS v2 AV:N/AC:L/Au:S/C:P/I:N/A:N Base Score: 4.0

SQL Injection in Order Data Edit page (CWE-89) - CVE-2023-43610

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Base Score: 5.4
CVSS v2 AV:N/AC:L/Au:S/C:P/I:P/A:N Base Score: 5.5

Cross-site Scripting in Order Data Edit page (CWE-79) - CVE-2023-43614

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1
CVSS v2 AV:N/AC:L/Au:N/C:N/I:P/A:N Base Score: 4.3

Impact

  • A user with editor or higher privilege may upload an arbitrary file to an unauthorized directory - CVE-2023-40219
  • A user with author or higher privilege may obtain partial information of the files on the web server - CVE-2023-40532
  • An arbitrary script may be executed on a logged-in user’s web browser - CVE-2023-41233, CVE-2023-43484, CVE-2023-43614
  • When accessing a specially crafted page, an arbitrary script may be injected in Credit Card Payment Setup page - CVE-2023-41962
  • A user with author or higher privilege may obtain sensitive information - CVE-2023-43493
  • A user with editor (without setting authority) or higher privilege may perform unintended database operations - CVE-2023-43610

Solution

Update the plugin
Update the plugin according to the information provided by the developer.
The developer has released the following version that addresses these vulnerabilities.

  • Welcart e-Commerce 2.8.22

Products Affected

  • Welcart e-Commerce versions 2.7 to 2.8.21

Related

wpvulndb 5
nvd 8
cve 8
prion 8
cvelist 8
wordfence 1
wpvulndb
wpvulndb
Welcart e-Commerce < 2.8.22 - Multiple XSS
2023-09-28 00:00:00
Welcart e-Commerce < 2.8.22 - Author+ SQL Injection
2023-09-28 00:00:00
Welcart e-Commerce < 2.8.22 - Editor+ SQL Injection
2023-09-28 00:00:00
nvd
nvd
CVE-2023-43614
2023-09-27 15:19:34
CVE-2023-43493
2023-09-27 15:19:34
CVE-2023-41233
2023-09-27 15:19:27
cve
cve
CVE-2023-43493
2023-09-27 15:19:34
CVE-2023-43484
2023-09-27 15:19:34
CVE-2023-40219
2023-09-27 15:19:02
prion
prion
Sql injection
2023-09-27 15:19:00
Cross site scripting
2023-09-27 15:19:00
Cross site scripting
2023-09-27 15:19:00
cvelist
cvelist
CVE-2023-43493
2023-09-26 08:18:24
CVE-2023-40219
2023-09-26 08:13:16
CVE-2023-40532
2023-09-26 08:14:17
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (September 25, 2023 to October 1, 2023)
2023-10-05 15:10:17

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

27.1%

JSON
Related for JVN:97197972
wpvulndb5nvd8cve8prion8cvelist8wordfence1