4 matches found
CVE-2020-28339
The usc-e-shop aka Collne Welcart e-Commerce plugin before 1.9.36 for WordPress allows Object Injection because of uscesunserialize. There is not a complete POP chain...
CVE-2020-28339
creationtimestamp| type| source ---|---|--- 2020-11-07 22:52:40+00:00| seen| https://t.me/cibsecurity/16018...
CVE-2020-28339
The usc-e-shop aka Collne Welcart e-Commerce plugin before 1.9.36 for WordPress allows Object Injection because of uscesunserialize. There is not a complete POP chain...
CVE-2020-28339
CVE-2020-28339 affects the WordPress plugin Welcart e-Commerce (usc-e-shop) up to version 1.9.36. The issue is an authenticated PHP Object Injection via usces_unserialize, with the CVE description noting there is not a complete POP chain. Affected: plugin in WordPress; root cause: object injectio...