3 matches found
CVE-2023-41233
Cross-site scripting vulnerability in Item List page registration process of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script...
CVE-2023-41233
CVE-2023-41233 affects Welcart e-Commerce plugin for WordPress, versions 2.7–2.8.21. The vulnerability is a Cross-site Scripting (XSS) flaw in the Item List page registration process, allowing a remote unauthenticated attacker to inject arbitrary script. The root cause is inadequate sanitization/...
JVN#97197972: Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains multiple vulnerabilities listed below. Unrestricted Upload of File with Dangerous Type CWE-434 - CVE-2023-40219 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N| Base Score: 2.7 CVSS v2|...