Security Advisory

CVE-2022-4140

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-02 21:49:12

Last updated 2025-04-10 19:11:34

Assigner WPScan

State PUBLISHED

Description

The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file, which could allow unauthenticated attacker to read arbitrary files on the server

← Browse all CVEs View on cve.org ↗