7 matches found
CVE-2015-3301
Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart aka The Professional WordPress eCommerce Plugin plugin for WordPress before 1.3.9.3 allows remote administrators to read arbitrary files via a .. dot dot in the tcpboxpath parameter in the checkouteditorsettings page to...
CVE-2015-3301
Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart aka The Professional WordPress eCommerce Plugin plugin for WordPress before 1.3.9.3 allows remote administrators to read arbitrary files via a .. dot dot in the tcpboxpath parameter in the checkouteditorsettings page to...
CVE-2015-3301
The CartPress/TheCartPress WordPress plugin (vulnerable before 1.3.9.3) suffers a Local PHP File Inclusion/Directory Traversal (CVE-2015-3301) via the tcp_box_path parameter in checkout_editor_settings (/wp-admin/admin.php?page=checkout_editor_settings). Exploitation requires administrative privi...
Multiple Vulnerabilities in TheCartPress WordPress plugin
Advisory ID: HTB23254 Product: TheCartPress WordPress plugin Vendor: TheCartPress team Vulnerable Versions: 1.3.9 and probably prior Tested Version: 1.3.9 Advisory Publication: April 8, 2015 without technical details Vendor Notification: April 8, 2015 Public Disclosure: April 29, 2015 Vulnerabili...
WordPress TheCartPress 1.3.9 XSS / Local File Inclusion
Advisory ID: HTB23254 Product: TheCartPress WordPress plugin Vendor: TheCartPress team Vulnerable Versions: 1.3.9 and probably prior Tested Version: 1.3.9 Advisory Publication: April 8, 2015 without technical details Vendor Notification: April 8, 2015 Public Disclosure: April 29, 2015 Vulnerabili...
WordPress Plugin TheCartPress 1.3.9 - Multiple Vulnerabilities
WordPress Plugin TheCartPress 1.3.9 - Multiple Vulnerabilities Advisory ID: HTB23254 Product: TheCartPress WordPress plugin Vendor: TheCartPress team Vulnerable Versions: 1.3.9 and probably prior Tested Version: 1.3.9 Advisory Publication: April 8, 2015 without technical details Vendor...
WordPress Plugin TheCartPress 1.3.9 - Multiple Vulnerabilities
Advisory ID: HTB23254 Product: TheCartPress WordPress plugin Vendor: TheCartPress team Vulnerable Versions: 1.3.9 and probably prior Tested Version: 1.3.9 Advisory Publication: April 8, 2015 without technical details Vendor Notification: April 8, 2015 Public Disclosure: April 29, 2015 Vulnerabili...