2 matches found
WordPress Welcart plugin cross-site scripting vulnerability (CNVD-2015-05021)
WordPress is a set of WordPress Software Foundation blogging platform developed using the PHP language, the platform supports in PHP and MySQL servers to set up a personal blog site.Welcart is one of the e-commerce plug-ins. A cross-site scripting vulnerability exists in versions of the WordPress...
Welcart vulnerable to cross-site scripting
Overview Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a cross-site scripting CWE-79 vulnerability due to the processing of uscesreferer parameter in admin.php. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the...