CVE-2015-2973

🗓️ 24 Jul 2015 16:00:00Reported by jpcertType

cve

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 38 Views🌐 WEB

CVE-2015-2973 XSS vulnerabilities in Welcart plugin for WordPres

Reporter	Title	Published	Views	Family All 9
CNVD	WordPress Welcart plugin cross-site scripting vulnerability (CNVD-2015-05021)	29 Jul 201500:00	–	cnvd
Cvelist	CVE-2015-2973	24 Jul 201516:00	–	cvelist
EUVD	EUVD-2015-3056	7 Oct 202500:30	–	euvd
Japan Vulnerability Notes	JVN#97971874: Welcart vulnerable to cross-site scripting	24 Jul 201500:00	–	jvn
Japan Vulnerability Notes	Welcart vulnerable to cross-site scripting	24 Jul 201505:33	–	jvn
NVD	CVE-2015-2973	24 Jul 201516:59	–	nvd
Patchstack	WordPress Welcart Plugin <= 1.4.17 - Multiple XSS	7 Apr 201500:00	–	patchstack
Prion	Cross site scripting	24 Jul 201516:59	–	prion
WPVulnDB	Welcart e-Commerce < 1.4.18 - Multiple Vulnerabilities	15 Jul 201500:00	–	wpvulndb

NVD

Node

welcart welcart_e-commerceRange≤1.4.17wordpress

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset/1199120
wpvulndb	www.wpvulndb.com/vulnerabilities/8114
jvndb	www.jvndb.jvn.jp/jvndb/JVNDB-2015-000103
welcart	www.welcart.com/community/archives/74867
jvn	www.jvn.jp/en/jp/JVN97971874/index.html

Parameter	Position	Path	Description	CWE
usces_referer	query param	admin.php	XSS vulnerability via usces_referer parameter in admin.php related to Welcart plugin (files listed)	CWE-79

06 May 2026 22:30Current

6Medium risk

Vulners AI Score6

CVSS 24.3

EPSS0.00435

cve-2015-2973 xss welcart plugin wordpress security vulnerability nvd