Lucene search
K

344 matches found

NVD
NVD
added 2026/06/15 9:17 p.m.11 views

CVE-2026-49775

Unauthenticated Broken Access Control in Welcart e-Commerce = 2.11.28 versions...

6.5CVSS0.00191EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:19 p.m.7 views

EUVD-2026-36895

Unauthenticated Broken Access Control in Welcart e-Commerce = 2.11.28 versions...

6.5CVSS5.1AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:19 p.m.18 views

CVE-2026-49775

CVE-2026-49775 affects WordPress Welcart e-Commerce plugin versions

6.5CVSS5.1AI score0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.31 views

CVE-2026-49775 WordPress Welcart e-Commerce plugin <= 2.11.28 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Welcart e-Commerce = 2.11.28 versions...

6.5CVSS0.00191EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:19 p.m.7 views

CVE-2026-49775 WordPress Welcart e-Commerce plugin <= 2.11.28 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Welcart e-Commerce = 2.11.28 versions...

6.5CVSS5.1AI score0.00191EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.19 views

PT-2026-49345

Name of the Vulnerable Software and Affected Versions Welcart e-Commerce versions prior to 2.11.29 Description Unauthenticated broken access control allows unauthorized users to bypass security restrictions. Recommendations Update to a version newer than 2.11.28...

6.5CVSS5.2AI score0.00191EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/06/04 12:51 p.m.10 views

WordPress Welcart e-Commerce plugin <= 2.11.28 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by dodoh4t in WordPress Plugin Welcart e-Commerce versions = 2.11.28...

6.5CVSS5.4AI score0.00191EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.8 views

CVE-2023-43610

SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor without setting authority or higher privilege to perform unintended database operations...

8.8CVSS7.8AI score0.00909EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.7 views

CVE-2023-43614

Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script...

6.1CVSS6.6AI score0.00621EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.9 views

CVE-2023-43484

Cross-site scripting vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script...

6.1CVSS6.6AI score0.00621EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.8 views

CVE-2023-43493

SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain sensitive information...

4.9CVSS7.5AI score0.00767EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.9 views

CVE-2023-40532

Path traversal vulnerability in Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain partial information of the files on the web server...

4.3CVSS6.4AI score0.00597EPSS
Exploits0References1
CVE
CVE
added 2025/11/13 3:27 a.m.16 views

CVE-2025-12979

CVE-2025-12979 describes an unauthorized data exposure vulnerability in the WordPress plug‑in Welcart e-Commerce . A missing capability check on the usces_export action affects all versions up to and including 2.11.24 , allowing unauthenticated attackers to access sensitive data such as configure...

5.3CVSS5.1AI score0.00213EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/13 3:27 a.m.7 views

CVE-2025-12979 Welcart e-Commerce <= 2.11.24 - Missing Authorization to Unauthenticated Information Exposure

The Welcart e-Commerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uscesexport' action in all versions up to, and including, 2.11.24. This makes it possible for unauthenticated attackers to access configured payment credentials ex...

5.3CVSS0.00213EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.4 views

WordPress plugin Welcart e-Commerce 安全漏洞

WordPress Welcart e-Commerce Plugin is an e-commerce plugin designed for WordPress to build and manage online stores. WordPress Welcart e-Commerce Plugin suffers from an unauthorized access vulnerability that stems from a lack of capability checking in the uscesexport operation, which can be...

5.3CVSS6.3AI score0.00213EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.5 views

PT-2025-46782

Name of the Vulnerable Software and Affected Versions Welcart e-Commerce plugin for WordPress versions prior to 2.11.25 Description The Welcart e-Commerce plugin for WordPress has a flaw that allows unauthorized access to data. This is due to a missing capability check on the usces export action...

5.3CVSS6.5AI score0.00213EPSS
Exploits0References6
Patchstack
Patchstack
added 2025/11/12 11:16 p.m.7 views

WordPress Welcart e-Commerce plugin <= 2.11.24 - Missing Authorization to Unauthenticated Information Exposure vulnerability

Missing Authorization to Unauthenticated Information Exposure vulnerability discovered by dudekmar - CERT.PL in WordPress Plugin Welcart e-Commerce versions = 2.11.24...

5.3CVSS6.7AI score0.00213EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/28 2:38 a.m.4 views

CVE-2025-62953

Missing Authorization vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcart e-Commerce: from n/a through = 2.11.24...

4.3CVSS5.9AI score0.00217EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/27 3:30 a.m.4 views

EUVD-2025-35989

Missing Authorization vulnerability in nanbu Welcart e-Commerce usc-e-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcart e-Commerce: from n/a through = 2.11.24...

6.5AI score0.00217EPSS
Exploits0References2
NVD
NVD
added 2025/10/27 2:15 a.m.13 views

CVE-2025-62953

Missing Authorization vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcart e-Commerce: from n/a through = 2.11.24...

4.3CVSS0.00217EPSS
Exploits0References1
Rows per page
Query Builder