Lucene search
JpcertCVELIST:CVE-2015-2973HistoryJul 24, 2015 - 4:00 p.m.
CVE-2015-2973
2015-07-2416:00:00
jpcert
www.cve.org
Multiple cross-site scripting (XSS) vulnerabilities in the Welcart plugin before 1.4.18 for WordPress allow remote attackers to inject arbitrary web script or HTML via the usces_referer parameter to (1) classes/usceshop.class.php, (2) includes/edit-form-advanced.php, (3) includes/edit-form-advanced30.php, (4) includes/edit-form-advanced34.php, (5) includes/member_edit_form.php, (6) includes/order_edit_form.php, (7) includes/order_list.php, or (8) includes/usces_item_master_list.php, related to admin.php.
Related
jvn
jvn
JVN#97971874: Welcart vulnerable to cross-site scripting
2015-07-24 00:00:00
prion
prion
Cross site scripting
2015-07-24 16:59:00
cve
cve
CVE-2015-2973
2015-07-24 16:59:02
patchstack
patchstack
WordPress Welcart Plugin <= 1.4.17 - Multiple XSS
2015-04-07 00:00:00
wpvulndb
wpvulndb
Welcart e-Commerce < 1.4.18 - Multiple Vulnerabilities
2015-07-15 00:00:00
nvd
nvd
CVE-2015-2973
2015-07-24 16:59:02