The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path traversal which makes it possible for the attacker to retrieve the directory listing for arbitrary directories on the server.
History

Mon, 29 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Printcart
Printcart web To Print Product Designer
Wordpress
Wordpress wordpress
Vendors & Products Printcart
Printcart web To Print Product Designer
Wordpress
Wordpress wordpress

Fri, 26 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
CWE-22

Fri, 26 Jun 2026 14:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
CWE-22

Fri, 26 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 26 Jun 2026 08:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
CWE-22

Fri, 26 Jun 2026 06:30:00 +0000

Type Values Removed Values Added
Description The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path traversal which makes it possible for the attacker to retrieve the directory listing for arbitrary directories on the server.
Title Printcart Web to Print Product Designer for WooCommerce <= 2.4.8 - Unauthenticated Folder Content Disclosure via Path Traversal
References

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2026-06-26T06:00:02.131Z

Updated: 2026-06-26T12:18:49.371Z

Reserved: 2025-09-11T12:30:32.763Z

Link: CVE-2025-10268

cve-icon Vulnrichment

Updated: 2026-06-26T12:18:30.225Z

cve-icon NVD

No data.

cve-icon Redhat

No data.