CVE-2012-3576
published 2012-06-16


Priority: P2, 71
Severity: critical, 10 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploit: EXPLOIT
EPSS: 18.43% (96.9th percentile)
Unrestricted file upload vulnerability in php/upload.php in the wpStoreCart plugin before 2.5.30 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/wpstorecart.

Affected

98 ranges · showing 25

Vendor     Product      Version range  Fixed in
jquindlen  wpstorecart  <= 2.5.29

Detection & IOCs (extracted from sources)

path: php/upload.php
path: uploads/wpstorecart
url: http://www.exemple.com/wordpress/wp-content/uploads/wpstorecart/lo.php
path: /wp-content/plugins/wpstorecart/
  • Monitor for POST requests to the vulnerable upload endpoint at php/upload.php within the wpStoreCart plugin directory
  • Alert on GET/POST requests to wp-content/uploads/wpstorecart/ for files with executable extensions (e.g., .php), indicating post-upload webshell access
  • Use the Google dork pattern inurl:/wp-content/plugins/wpstorecart/ to identify exposed vulnerable WordPress installations during threat hunting
  • Vulnerability affects only wpStoreCart plugin versions 2.5.27 through 2.5.29; version 2.5.30 and later are patched
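
The two log-monitoring bullets above, as an added example (not code from this page or from the wpStoreCart project): a Python scan of web-server access logs that flags POSTs to the upload endpoint and requests for executable files under the upload directory. The log lines are constructed, and the extension list, severity labels and function names are assumptions.

```python
import re
from urllib.parse import unquote, urlsplit

# Paths from the advisory; matched as suffix/substring so subdirectory installs are covered.
UPLOAD_ENDPOINT = "/wp-content/plugins/wpstorecart/php/upload.php"
UPLOAD_DIR = "/wp-content/uploads/wpstorecart/"
# Assumption: extensions a PHP-enabled server may execute, including "x.php.jpg" style names.
EXEC_EXT = re.compile(r"\.(php\d?|phtml|phar|pht)(\.|/|$)")
# Combined-log prefix: ip ident user [time] "METHOD target PROTO" status
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+) [^"]*" (\d{3})')

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '198.51.100.7 - - [16/Jun/2012:10:00:05 +0000] "POST /wordpress/wp-content/plugins/wpstorecart/php/upload.php HTTP/1.1" 200 31',
    '198.51.100.7 - - [16/Jun/2012:10:00:09 +0000] "GET /wordpress/wp-content/uploads/wpstorecart/lo.php?x=1 HTTP/1.1" 200 87',
    '192.0.2.10 - - [16/Jun/2012:10:01:00 +0000] "GET /wordpress/wp-content/uploads/wpstorecart/product.jpg HTTP/1.1" 200 20480',
    '192.0.2.11 - - [16/Jun/2012:10:02:00 +0000] "GET /wordpress/wp-content/uploads/wpstorecart/a%2EPHP HTTP/1.1" 404 0',
]

def classify(line):
    """Return (ip, kind, path, status) for a request worth alerting on, else None."""
    m = LINE.match(line)
    if not m:
        return None
    ip, method, target, status = m.groups()
    # Drop the query string, decode %xx and lower-case so encoded paths still match.
    path = unquote(urlsplit(target).path).lower()
    if method == "POST" and path.endswith(UPLOAD_ENDPOINT):
        return ip, "upload", path, int(status)
    idx = path.find(UPLOAD_DIR)
    if idx != -1 and EXEC_EXT.search(path[idx + len(UPLOAD_DIR):]):
        return ip, "exec-access", path, int(status)
    return None

def scan(lines):
    """Return findings; exec-access answered 2xx after an upload POST is rated high."""
    upload_seen = False
    findings = []
    for line in lines:
        hit = classify(line)
        if hit is None:
            continue
        ip, kind, path, status = hit
        served = 200 <= status < 300
        severity = "high" if kind == "exec-access" and upload_seen and served else "medium"
        upload_seen = upload_seen or kind == "upload"
        findings.append((severity, ip, kind, path, status))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A 2xx response to an executable file in the upload directory means the file exists and was served, which is why it is rated above a 404 probe.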