Bounty Leaderboard API Enable Protection

WordPress Welcart e-Commerce Plugin <= 2.7.7 is vulnerable to Directory Traversal

High severity CVSS 3.1 score
Not known to be exploited Report an attack

Protect your sites with automated security

Enable Protection



Update the WordPress Welcart e-Commerce plugin to the latest available version (at least 2.7.8).


Show technical details

Nguyen Anh Tien discovered and reported this Directory Traversal vulnerability in WordPress Welcart e-Commerce Plugin. This could allow a malicious actor to see all files in a given directory or determine if certain files/directories exist in given folder. This can be used to exploit other weaknesses in the system This vulnerability has been fixed in version 2.7.8.

Other vulnerabilities in this plugin

0 present
13 patched
View all

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close