Description
The ilGhera Carta Docente for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.0 via the 'cert' parameter of the 'wccd-delete-certificate' AJAX action. This is due to insufficient file path validation before performing a file deletion. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, such as wp-config.php, which can make site takeover and remote code execution possible.
Published: 2026-03-20
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Deletion via authenticated path traversal
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is a path traversal flaw (CWE-22) in the ilGhera Carta Docente for WooCommerce plugin. The 'cert' parameter of the 'wccd-delete-certificate' AJAX action is not validated as a bare file name confined to the plugin's certificate directory before it is passed to the deletion call, so an authenticated user with Administrator-level access or higher can supply '../' sequences and delete any file the web server process is able to unlink. Removing wp-config.php is the classic target: WordPress then falls back to its setup wizard, which an attacker can complete against a database they control, leading to site takeover and remote code execution.

Affected Systems

The vulnerability affects the ghera74 ilGhera Carta Docente for WooCommerce plugin for WordPress versions 1.5.0 and earlier. No newer versions are listed as affected.

Risk and Exploitability

The CVSS 3.1 score of 6.5 (AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H) indicates medium severity; the high privilege requirement (PR:H) is what keeps it below the high range despite full integrity and availability impact. EPSS is below 1% (very low) and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires an account with Administrator privileges or higher, so a compromised, phished or weakly protected administrator login is the realistic entry point. Note that on a single-site WordPress install an administrator can normally already upload plugins and run code, so the flaw matters most where that is locked down (for example with DISALLOW_FILE_MODS) or on multisite, where site administrators cannot install plugins. According to the description, an attacker can delete arbitrary files on the server, which could lead to total site compromise if wp-config.php or other critical configuration files are removed.

Generated by OpenCVE AI on March 20, 2026 at 09:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the ilGhera Carta Docente for WooCommerce plugin to a release later than 1.5.0 that the vendor identifies as fixed; this page records no fixed version yet, so check the plugin changelog before assuming a release is patched.
  • If an update is not immediately possible, deactivate the plugin; the 'wccd-delete-certificate' AJAX action is only registered while the plugin is active.
  • Harden file permissions as defence in depth: unlink() needs write permission on the containing directory, not on the file, so making the web root directory (where wp-config.php lives) non-writable by the PHP worker user blocks deletion of that file. A WAF or security plugin can additionally block admin-ajax.php requests whose 'cert' parameter contains traversal sequences.
  • Monitor web server and WAF logs for admin-ajax.php requests with action=wccd-delete-certificate whose 'cert' value contains '../' or its URL-encoded forms, and alert on the unexpected disappearance of wp-config.php or .htaccess.
  • Apply the principle of least privilege to all user accounts, ensuring only necessary accounts have Administrator privileges, and protect those accounts with multi-factor authentication.
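Detection logic for the monitoring item above, as an added example written for this page rather than anything from OpenCVE or the plugin. It assumes a combined-format access log in which the action and cert parameters appear in the query string; real WordPress AJAX calls usually POST them in the body, so in practice this runs over a WAF or request-body log. The log lines are constructed for the example.

```python
"""Flag admin-ajax.php calls to wccd-delete-certificate whose 'cert' value
looks like a traversal attempt.

Added example, not from OpenCVE or the plugin. Assumptions: combined-format
access log lines with the parameters in the query string (a WAF or body log
is needed when they travel in the POST body). SAMPLE_LOG is constructed.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# ip ident user [timestamp] "METHOD URL PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<url>\S+) \S+" (?P<status>\d{3})'
)
# A bare certificate file name never contains '..' followed by a separator,
# a leading separator, or a Windows drive prefix.
TRAVERSAL_RE = re.compile(r'(\.\.[/\\]|^[/\\]|^[a-z]:[/\\])', re.I)

SAMPLE_LOG = """\
203.0.113.5 - - [20/Mar/2026:10:01:02 +0000] "POST /wp-admin/admin-ajax.php?action=wccd-delete-certificate&cert=cert-42.pdf HTTP/1.1" 200 17
203.0.113.9 - - [20/Mar/2026:10:02:15 +0000] "POST /wp-admin/admin-ajax.php?action=wccd-delete-certificate&cert=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 200 17
203.0.113.9 - - [20/Mar/2026:10:02:16 +0000] "POST /wp-admin/admin-ajax.php?action=wccd-delete-certificate&cert=%2e%2e/%2e%2e/%2e%2e/.htaccess HTTP/1.1" 200 17
198.51.100.2 - - [20/Mar/2026:10:03:00 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 56
"""


def classify(line: str):
    """Return a finding for a wccd-delete-certificate call, else None.
    Every call is reported at 'info' (admins rarely delete certificates in
    bulk); a traversal-looking cert value is raised to 'high'."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("url"))
    if not parts.path.endswith("/wp-admin/admin-ajax.php"):
        return None
    qs = parse_qs(parts.query, keep_blank_values=True)
    if qs.get("action", [""])[0] != "wccd-delete-certificate":
        return None
    # parse_qs already decoded once; a second unquote catches double encoding.
    cert = unquote(qs.get("cert", [""])[0])
    severity = "high" if TRAVERSAL_RE.search(cert) else "info"
    return {"ip": m.group("ip"), "ts": m.group("ts"), "cert": cert, "severity": severity}


def scan(log_text: str) -> list:
    """Run classify over every line and keep the findings."""
    return [f for f in map(classify, log_text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(f"[{finding['severity']}] {finding['ip']} {finding['ts']} cert={finding['cert']!r}")
```

Decoding before matching is the important part: the two malicious lines encode the dots and slashes differently, and a pattern applied to the raw URL would miss one of them.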

Generated by OpenCVE AI on March 20, 2026 at 09:51 UTC.

Advisories

No advisories yet.

History

Fri, 20 Mar 2026 22:15:00 +0000

Type      Values Removed   Values Added
Metrics                    ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 20 Mar 2026 16:30:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Ghera74; Ghera74 ilghera Carta Docente For Woocommerce; Wordpress; Wordpress wordpress
Vendors & Products                     Ghera74; Ghera74 ilghera Carta Docente For Woocommerce; Wordpress; Wordpress wordpress

Fri, 20 Mar 2026 08:45:00 +0000

Type          Values Removed   Values Added
Description                    The ilGhera Carta Docente for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.0 via the 'cert' parameter of the 'wccd-delete-certificate' AJAX action. This is due to insufficient file path validation before performing a file deletion. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, such as wp-config.php, which can make site takeover and remote code execution possible.
Title                          ilGhera Carta Docente for WooCommerce <= 1.5.0 - Authenticated (Administrator+) Path Traversal to Arbitrary File Deletion via 'cert' Parameter
Weaknesses                     CWE-22
References
Metrics                        cvssV3_1: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:02:22.917Z

Reserved: 2026-02-12T20:06:45.334Z

Link: CVE-2026-2421

Vulnrichment

Updated: 2026-03-20T21:21:51.301Z

NVD

Status : Deferred

Published: 2026-03-20T09:16:14.127

Modified: 2026-04-22T21:32:08.360

Link: CVE-2026-2421

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T16:27:41Z

Weaknesses