2 matches found
CVE-2023-40532
Welcart e-Commerce contains a path traversal vulnerability (CVE-2023-40532) affecting versions 2.7–2.8.21. A user with author or higher privilege can obtain partial information about server files. Red Hat, JVN, and WPVulndb entries align on the issue and remediation guidance. The fix is to update...
JVN#97197972: Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains multiple vulnerabilities listed below. Unrestricted Upload of File with Dangerous Type CWE-434 - CVE-2023-40219 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N| Base Score: 2.7 CVSS v2|...