Welcart E-commerce Security Vulnerabilities and Issues — Welcart E-commerce CVE List

cve

CVE-2020-28339

The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for WordPress allows Object Injection because of usces_unserialize. There is not a complete POP...

8.8CVSS

8.8AI Score

0.001EPSS

2020-11-07 07:15 PM

39

cve

CVE-2016-4828

The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress mishandles sessions, which allows remote attackers to obtain access by leveraging knowledge of the e-mail address associated with an...

6.5CVSS

6.5AI Score

0.002EPSS

2016-06-25 09:59 PM

25

cve

CVE-2016-4825

The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized...

5.6CVSS

6.3AI Score

0.004EPSS

2016-06-25 09:59 PM

21

cve

CVE-2016-4827

Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...

6.1CVSS

6.1AI Score

0.001EPSS

2016-06-25 09:59 PM

17

cve

CVE-2016-4826

Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...

6.1CVSS

6.1AI Score

0.001EPSS

2016-06-25 09:59 PM

22