Collne - Welcart E-commerce CVE

Filtered by vendor Collne Subscribe

Filtered by product Welcart E-commerce

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-6120	1 Collne	1 Welcart E-commerce	2023-12-12	N/A	2.7 LOW
The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.6 via the upload_certificate_file function. This makes it possible for administrators to upload .pem or .crt files to arbitrary locations on the server.

Vulnerabilities (CVE)