The Welcart e-Commerce WordPress plugin before 2.8.5 does...
High severity
Unreviewed
Published
Jan 3, 2023
to the GitHub Advisory Database
•
Updated Feb 2, 2023
Description
Published by the National Vulnerability Database
Jan 2, 2023
Published to the GitHub Advisory Database
Jan 3, 2023
Last updated
Feb 2, 2023
The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file, which could allow unauthenticated attacker to read arbitrary files on the server
References