| Vulnerability | WordPress plugin Welcart e-Commerce content-log.php logfile File Read Vulnerability |
|---|---|
| Chinese name | WordPress Welcart e-Commerce 插件 content-log.php 文件 logfile 参数文件读取漏洞 |
| CVSS core | 9.8 |
| FOFA Query (click to view the results directly) | body="wp-content/plugins/usc-e-shop" |
| Number of assets affected | 5453 |
| Description | Welcart is a free e-commerce plugin for WordPress with top market share in Japan.An arbitrary file read vulnerability exists in Welcart e-Commerce < 2.8.5, and attackers can exploit this vulnerability to obtain sensitive files. |
| Impact | Attackers can use this vulnerability to read the leaked source code, database configuration files, etc., resulting in an extremely insecure website. |
