CVE-2025-10268— Printcart Web to Print Product Designer for WooCommerce <= 2.4.8 - Unauthenticated Folder Content Disclosure via Path Traversal
Possible ATT&CK Techniques 1AI
T1083 · File and Directory DiscoveryGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-10268
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Printcart Web to Print Product Designer for WooCommerce <= 2.4.8 - Unauthenticated Folder Content Disclosure via Path Traversal
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path traversal which makes it possible for the attacker to retrieve the directory listing for arbitrary directories on the server.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Unknown | Printcart Web to Print Product Designer for WooCommerce | 0 ~ 2.4.8 | - |
II. Public POCs for CVE-2025-10268
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-10268
请登录查看更多情报信息。
Vendor Advisories for CVE-2025-10268 (1)
Same Patch Batch · Unknown · 2026-06-26 · 4 CVEs total
| CVE-2026-10835 | SALESmanago & Leadoo < 3.11.3 - Subscriber+ SQL Injection | |
| CVE-2026-8380 | Frontend File Manager Plugin <= 23.6 - Author+ Arbitrary Post Deletion | |
| CVE-2026-10823 | YMC Smart Filter < 3.11.3 - Unauthenticated Private/Draft Post Disclosure |
IV. Related Vulnerabilities
Same product: Printcart Web to Print Product Designer for WooCommerce
Same vendor: Unknown
- CVE-2026-10835
SALESmanago & Leadoo < 3.11.3 - Subscriber+ SQL Injection - CVE-2026-8380
Frontend File Manager Plugin <= 23.6 - Author+ Arbitrary Pos - CVE-2026-10823
YMC Smart Filter < 3.11.3 - Unauthenticated Private/Draft Po - CVE-2026-9702
InPost PL < 1.9.1 - Unauthenticated WooCommerce Order Parcel - CVE-2026-10824
Masteriyo LMS < 2.2.1 - Unauthenticated Course Progress Disc
V. Comments for CVE-2025-10268
No comments yet