← back
CVE-2015-3301

CVE-2015-3301

EPSS 9.1%
Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote administrators to read arbitrary files via a .. (dot dot) in the tcp_box_path parameter in the checkout_editor_settings page to wp-admin/admin.php.
Affected products
n/a · n/a
public PoCs found3
cve_referencepacketstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.htmlunverifiedcve_referencewww.exploit-db.com/exploits/36860/unverifiedexploitdbwww.exploit-db.com/exploits/36860unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/show/osvdb/121439http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.htmlhttps://wordpress.org/plugins/thecartpress/changelog/https://www.exploit-db.com/exploits/36860/https://www.htbridge.com/advisory/HTB23254http://www.securityfocus.com/archive/1/535396/100/0/threadedhttp://www.securityfocus.com/bid/74395