4 matches found
CVE-2023-6120
creationtimestamp| type| source ---|---|--- 2024-01-01 06:51:31+00:00| seen| https://t.me/ctinow/161204...
WordPress Welcart e-Commerce Plugin <= 2.9.6 is vulnerable to Path Traversal
Software Welcart e-Commerce Type Plugin Vulnerable versions = 2.9.6 Fixed in 2.9.7 OWASP Top 10 A5: Security Misconfiguration Classification Path Traversal CVE CVE-2023-6120 Patch priority Medium CVSS severity Medium 4.1 Developer Claim ownership PSID 545792f26683 Credits Marco Wotschka Required...
CVE-2023-6120
The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.6 via the uploadcertificatefile function. This makes it possible for administrators to upload .pem or .crt files to arbitrary locations on the server...
CVE-2023-6120
CVE-2023-6120 (Welcart e-Commerce, WordPress) is a directory-traversal vulnerability in the plugin’s upload_certificate_file function, affecting all versions up to and including 2.9.6. An authenticated administrator can upload .pem or .crt files to arbitrary server locations, enabling potential f...