CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50847 – WordPress Welcart e-Commerce Plugin <= 2.9.3 is vulnerable to SQL Injection
https://notcve.org/view.php?id=CVE-2023-50847
21 Dec 2023 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Collne Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.3. Neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ("Inyección SQL") en Collne Inc. Welcart e-Commerce. Este problema afecta a Welcart e-Commerce: desde n/a hasta 2.9.3. • https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-9-3-sql-injection-vulnerability?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6120 – Welcart e-Commerce <= 2.9.6 - Authenticated (Administrator+) Directory Traversal
https://notcve.org/view.php?id=CVE-2023-6120
08 Dec 2023 — The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.6 via the upload_certificate_file function. This makes it possible for administrators to upload .pem or .crt files to arbitrary locations on the server. El complemento Welcart e-Commerce para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 2.9.6 incluida a través de la función upload_certificate_file. Esto hace posible que los administradores carguen archiv... • https://plugins.trac.wordpress.org/changeset/2992785/usc-e-shop/trunk/classes/paymentPaygent.class.php?contextall=1&old=2880236&old_path=%2Fusc-e-shop%2Ftrunk%2Fclasses%2FpaymentPaygent.class.php • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5953 – Welcart e-Commerce < 2.9.5 - Subscriber+ Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2023-5953
14 Nov 2023 — The Welcart e-Commerce WordPress plugin before 2.9.5 does not validate files to be uploaded, as well as does not have authorisation and CSRF in an AJAX action handling such upload. As a result, any authenticated users, such as subscriber could upload arbitrary files, such as PHP on the server El complemento Welcart e-Commerce de WordPress anterior a 2.9.5 no valida los archivos que se van a cargar, además de que no tiene autorización ni CSRF en una acción AJAX que maneje dicha carga. Como resultado, cualqui... • https://wpscan.com/vulnerability/6d29ba12-f14a-4cee-baae-a6049d83bce6 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22705 – WordPress Welcart e-Commerce Plugin <= 2.8.10 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-22705
27 Jan 2023 — Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Collne Inc. Welcart e-Commerce plugin <= 2.8.10 versions. The Welcart e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.8.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-8-10-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4655 – Welcart e-Commerce < 2.8.9 - Contributor+ Stored XSS via Shortcode
https://notcve.org/view.php?id=CVE-2022-4655
23 Dec 2022 — The Welcart e-Commerce WordPress plugin before 2.8.9 does not validate and escapes one of its shortcode attributes, which could allow users with a role as low as a contributor to perform a Stored Cross-Site Scripting attack. El complemento Welcart e-Commerce de WordPress anterior a 2.8.9 no valida ni escapa uno de sus atributos de código corto, lo que podría permitir a los usuarios con un rol tan bajo como colaborador realizar un ataque de cross-site scripting almacenado. The Welcart e-Commerce plugin for W... • https://wpscan.com/vulnerability/a1c70c80-e952-4cc7-aca0-c2dde3fa08a9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4237 – Welcart e-Commerce < 2.8.6 - Subscriber+ PHAR Deserialisation
https://notcve.org/view.php?id=CVE-2022-4237
05 Dec 2022 — The Welcart e-Commerce WordPress plugin before 2.8.6 does not validate user input before using it in file_exist() functions via various AJAX actions available to any authenticated users, which could allow users with a role as low as subscriber to perform PHAR deserialisation when they can upload a file and a suitable gadget chain is present on the blog El complemento Welcart e-Commerce de WordPress anterior a 2.8.6 no valida la entrada del usuario antes de usarlo en funciones file_exist() a través de varias... • https://wpscan.com/vulnerability/7a4b790c-49ae-46bc-9544-e188deae243f • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4236 – Welcart e-Commerce < 2.8.5 - Subscriber+ Arbitrary File Access
https://notcve.org/view.php?id=CVE-2022-4236
05 Dec 2022 — The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file via an AJAX action available to any authenticated users, which could allow users with a role as low as subscriber to read arbitrary files on the server. El complemento Welcart e-Commerce de WordPress anterior a 2.8.5 no valida la entrada del usuario antes de usarlo para generar el contenido de un archivo a través de una acción AJAX disponible para cualquier usuario autenticado, l... • https://wpscan.com/vulnerability/436d8894-dab8-41ea-8ed0-a3338aded635 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 1CVE-2022-4140 – Welcart e-Commerce < 2.8.5 - Unauthenticated Arbitrary File Access
https://notcve.org/view.php?id=CVE-2022-4140
30 Nov 2022 — The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file, which could allow unauthenticated attacker to read arbitrary files on the server El complemento Welcart e-Commerce WordPress anterior a 2.8.5 no valida la entrada del usuario antes de usarlo para generar el contenido de un archivo, lo que podría permitir a un atacante no autenticado leer archivos arbitrarios en el servidor. The Welcart e-Commerce plugin for WordPress is vulnerab... • https://wpscan.com/vulnerability/0d649a7e-3334-48f7-abca-fff0856e12c7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3935 – Welcart e-Commerce < 2.8.4 - Multiple Subscriber+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-3935
21 Nov 2022 — The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks El complemento de WordPress Welcart e-Commerce anterior a 2.8.4 no sanitiza ni escapa a algunos parámetros, lo que podría permitir a cualquier usuario autenticado, como un suscriptor, realizar ataques de cross site scripting almacenado. The Welcart e-Commerce plugin for WordPress is vulnerable to Stored... • https://wpscan.com/vulnerability/906c5122-dd6d-494b-b66c-4162e234ea05 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3946 – Welcart e-Commerce < 2.8.4 - Subscriber+ Arbitrary Shipping Method Creation/Update/Deletion
https://notcve.org/view.php?id=CVE-2022-3946
21 Nov 2022 — The Welcart e-Commerce WordPress plugin before 2.8.4 does not have authorisation and CSRF in an AJAX action, allowing any logged-in user to create, update and delete shipping methods. El complemento de WordPress Welcart e-Commerce anterior a 2.8.4 no tiene autorización ni CSRF en una acción AJAX, lo que permite a cualquier usuario que haya iniciado sesión crear, actualizar y eliminar métodos de envío. The Welcart e-Commerce plugin for WordPress is vulnerable to authorization bypass due to a missing capabili... • https://wpscan.com/vulnerability/b48e4e1d-e682-4b16-81dc-2feee78d7ed0 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-862: Missing Authorization •