CVE-2023-6120
Published 2023-12-09
Priority P413 · low · 2.7 (CVSS 3.1)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
EPSS: 0.46% (36.4th percentile)
The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.6 via the upload_certificate_file function. This makes it possible for administrators to upload .pem or .crt files to arbitrary locations on the server.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| uscnanbu | welcart_e-commerce | <= 2.9.6 | — |
| welcart | welcart_e-commerce | < 2.9.7 | 2.9.7 |
VulDB
Welcart e-Commerce Plugin up to 2.9.6 on WordPress path traversal (ID 2992785)
vuldb·2026-04-11·CVSS 4.1
CVE-2023-6120 [MEDIUM] Welcart e-Commerce Plugin up to 2.9.6 on WordPress path traversal (ID 2992785)
A vulnerability was found in Welcart e-Commerce Plugin up to 2.9.6 on WordPress. It has been classified as critical. This affects an unknown part. This manipulation causes path traversal.
This vulnerability is registered as CVE-2023-6120. Remote exploitation of the attack is possible. No exploit is available.
GHSA
GHSA-5972-9g9g-mf6x: The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2
ghsa_unreviewed·2023-12-09
CVE-2023-6120 [MEDIUM] CWE-22 GHSA-5972-9g9g-mf6x: The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2
The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.6 via the upload_certificate_file function. This makes it possible for administrators to upload .pem or .crt files to arbitrary locations on the server.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://plugins.trac.wordpress.org/changeset/2992785/usc-e-shop/trunk/classes/paymentPaygent.class.php?contextall=1&old=2880236&old_path=%2Fusc-e-shop%2Ftrunk%2Fclasses%2FpaymentPaygent.class.php
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2999846%40usc-e-shop%2Ftrunk&old=2996147%40usc-e-shop%2Ftrunk&sfp_email=&sfph_mail=#file1
https://www.wordfence.com/threat-intel/vulnerabilities/id/2677cea6-d60d-4e10-afd7-e088a5592b19?source=cve
Published: 2023-12-09