WordPress plugin Welcart e-Commerce 安全漏洞

WordPress Welcart e-Commerce Plugin is an e-commerce plugin designed for WordPress to build and manage online stores. WordPress Welcart e-Commerce Plugin suffers from an unauthorized access vulnerability that stems from a lack of capability checking in the uscesexport operation, which can be...

EUVD-2008-6771

Malware in sbrugna...

EUVD-2016-5810

Malware in sbrugna...

EUVD-2023-26834

Malicious code in bioql PyPI...

EUVD-2023-50844

Malicious code in bioql PyPI...

EUVD-2025-13657

Malicious code in bioql PyPI...

EUVD-2023-46350

Malicious code in bioql PyPI...

EUVD-2025-1727

Malicious code in bioql PyPI...

EUVD-2022-51595

Malicious code in bioql PyPI...

EUVD-2024-16469

Malicious code in bioql PyPI...

EUVD-2025-13654

Malicious code in bioql PyPI...

CVE-2015-10135

The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajaxUpload function in versions before 1.3.9.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may...

CVE-2023-41858

Cross-Site Request Forgery CSRF vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin = 1.2 versions...

CVE-2023-41859

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin = 1.2 versions...

CVE-2023-46642

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in sahumedia SAHU TikTok Pixel for E-Commerce plugin = 1.2.2 versions...

CVE-2025-3852

The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.0 to 2.6.0. This is due to the plugin not properly validating a user's identity prior to updating their details like email & password through the update function. This makes i...

CVE-2025-0511

The Welcart e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 2.11.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

WordPress Plugin Verge3D Publishing and E-Commerce Code Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection vulnerability exists ...

CVE-2023-50847 WordPress Welcart e-Commerce Plugin <= 2.9.3 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Collne Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.3...

CVE-2023-41858

Cross-Site Request Forgery CSRF vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin = 1.2 versions...