CVE-2015-3986
TheCartPress eCommerce Shopping Cart < 1.3.9 - CSRF
Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to hijack the authentication of administrators for requests that conduct directory traversal attacks via the tcp_box_path parameter in the checkout_editor_settings page to wp-admin/admin.php.
Exploits (1)
exploitdb
WORKING POC
by High-Tech Bridge SA · text · webapps · php
https://www.exploit-db.com/exploits/36860
References (6)
Scores
EPSS
0.0162
EPSS Percentile
81.6%
Classification
CWE
CWE-352
Status
draft
Affected Products (1)
thecartpress/thecartpress_ecommerce_shopping_cart
< 1.3.9
Timeline
Published
May 14, 2015
Tracked Since
Feb 18, 2026