CVE-2026-1208 Friendly Functions for Welcart <= 1.2.5 - Cross-Site Request Forgery to Settings Update
The Friendly Functions for Welcart plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on the settings page. This makes it possible for unauthenticated attackers to update plugin setting...
EUVD-2023-26834
Malicious code in bioql PyPI...
CVE-2024-10726
CVE-2024-10726 – The Friendly Functions for Welcart plugin for WordPress is vulnerable to Cross-Site Request Forgery that can lead to Stored Cross-Site Scripting. Affected versions are
Welcart e-Commerce < 2.10.0 - Missing Authorization
Description The Welcart e-Commerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the usces_item_duplicate function in versions up to, and including, 2.9.14. This makes it possible for authenticated attackers, with author-level access and above, to...
WordPress Welcart e-Commerce Plugin <= 2.9.14 is vulnerable to Broken Access Control
Software: Welcart e-Commerce
Type: Plugin
Vulnerable versions: <= 2.9.14
Fixed in: 2.10.0
OWASP Top 10: A1: Broken Access Control
Classification: Broken Access Control
CVE: CVE-2024-32144
Patch priority: Low
CVSS severity: Low 5.4
Credits: emad
Required privilege: ...
Directory traversal
The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.6 via the upload_certificate_file function. This makes it possible for administrators to upload .pem or .crt files to arbitrary locations on the server...
CVE-2023-6120
CVE-2023-6120 (Welcart e-Commerce, WordPress) is a directory-traversal vulnerability in the plugin’s upload_certificate_file function, affecting all versions up to and including 2.9.6. An authenticated administrator can upload .pem or .crt files to arbitrary server locations, enabling potential f...
CVE-2023-6120 Welcart e-Commerce <= 2.9.6 - Authenticated (Administrator+) Directory Traversal
The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.6 via the upload_certificate_file function. This makes it possible for administrators to upload .pem or .crt files to arbitrary locations on the server...
CVE-2023-5952
The Welcart e-Commerce WordPress plugin before 2.9.5 unserializes user input from cookies, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...
CVE-2023-5953
The Welcart e-Commerce WordPress plugin before 2.9.5 does not validate files to be uploaded, and has no authorisation or CSRF checks in the AJAX action that handles such uploads. As a result, any authenticated user, such as a subscriber, could upload arbitrary files, such as PHP, to the server...
CVE-2023-5951
CVE-2023-5951 concerns the Welcart e-Commerce WordPress plugin before 2.9.5, where a parameter is not sanitized or escaped before being echoed back in the page, causing a Reflected XSS. The root cause is improper output handling of a parameter, enabling an attacker to trigger script execution in conte...
CVE-2023-5953 Welcart e-Commerce < 2.9.5 - Subscriber+ Arbitrary File Upload
The Welcart e-Commerce WordPress plugin before 2.9.5 does not validate files to be uploaded, and has no authorisation or CSRF checks in the AJAX action that handles such uploads. As a result, any authenticated user, such as a subscriber, could upload arbitrary files, such as PHP, to the server...
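The two upload findings in this list (the administrator-only directory traversal in the certificate upload, and the subscriber-level arbitrary file upload through an AJAX action with no authorisation or CSRF check) share one fix shape: an AJAX handler that checks capability and nonce, validates the file by extension and content, and derives the destination from a fixed directory rather than from the request. The following is an added example written for this page, not Welcart's own code; the action name `shop_upload_certificate`, the `shop-certs` directory, the form field names and the helper functions are hypothetical, while the WordPress and PHP calls are real.

```php
<?php
// Added example, not Welcart's code. The AJAX action, directory and field names are
// hypothetical; the WordPress and PHP calls are real.

// --- Vulnerable pattern: no capability check, no nonce, no type check, and the
// destination is built from a client-supplied directory. Registering the nopriv
// variant as well would expose it to unauthenticated visitors.
function shop_upload_certificate_vulnerable() {
    $dir  = $_POST['dir'];                          // e.g. "../../"   -> traversal
    $name = $_FILES['certificate']['name'];         // e.g. "shell.php" -> code execution
    move_uploaded_file( $_FILES['certificate']['tmp_name'], ABSPATH . $dir . '/' . $name );
    wp_send_json_success();
}

// --- Hardened handler. Only the authenticated hook is registered, so unauthenticated
// requests never reach the function at all.
add_action( 'wp_ajax_shop_upload_certificate', 'shop_upload_certificate' );

function shop_upload_certificate() {
    // 1. Authorization: this is an administrator task, so require that capability.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    // 2. CSRF: the page offering the upload must have emitted this nonce
    //    (wp_create_nonce( 'shop_upload_certificate' )); check_ajax_referer() dies on failure.
    check_ajax_referer( 'shop_upload_certificate', 'nonce' );

    if ( empty( $_FILES['certificate']['tmp_name'] ) || ! is_uploaded_file( $_FILES['certificate']['tmp_name'] ) ) {
        wp_send_json_error( 'no file', 400 );
    }
    $tmp = $_FILES['certificate']['tmp_name'];

    // 3. File validation: allowlisted extension AND content that looks like PEM.
    //    The extension alone is not enough: the bytes are written verbatim, so the
    //    directory should also be non-executable or outside the web root.
    $name = sanitize_file_name( wp_unslash( $_FILES['certificate']['name'] ) );
    if ( ! preg_match( '/^[A-Za-z0-9_-]+\.(pem|crt)$/', $name ) ) {
        wp_send_json_error( 'only .pem or .crt files are accepted', 400 );
    }
    if ( ! shop_looks_like_pem( $tmp ) ) {
        wp_send_json_error( 'file is not PEM encoded', 400 );
    }

    // 4. Path confinement: fixed base directory plus a basename the client cannot steer.
    $dest = shop_confined_path( shop_certificate_dir(), $name );
    if ( null === $dest ) {
        wp_send_json_error( 'invalid destination', 400 );
    }
    if ( ! move_uploaded_file( $tmp, $dest ) ) {
        wp_send_json_error( 'could not store file', 500 );
    }
    wp_send_json_success( array( 'stored' => basename( $dest ) ) );
}

// PEM files begin with a "-----BEGIN ...-----" line; read only the first 64 bytes.
function shop_looks_like_pem( $path ) {
    $head = file_get_contents( $path, false, null, 0, 64 );
    return is_string( $head ) && 0 === strpos( $head, '-----BEGIN ' );
}

// Dedicated directory under wp-content/uploads, created on first use.
function shop_certificate_dir() {
    $upload = wp_upload_dir();
    $dir    = trailingslashit( $upload['basedir'] ) . 'shop-certs';
    wp_mkdir_p( $dir );
    return $dir;
}

// Returns the absolute destination inside $base_dir, or null if $name would escape it.
// basename() already strips directory components; the realpath() comparison is the
// check that catches anything basename() and sanitize_file_name() missed.
function shop_confined_path( $base_dir, $name ) {
    $base = realpath( $base_dir );
    if ( false === $base ) {
        return null;
    }
    $candidate = $base . DIRECTORY_SEPARATOR . basename( $name );
    $parent    = realpath( dirname( $candidate ) );   // resolves symlinks and ".." segments
    if ( $parent !== $base ) {
        return null;
    }
    return $candidate;
}
```

The order of the checks matters: authorization and the nonce come before the file is even looked at, so an unauthenticated or forged request is rejected without touching the filesystem. `wp_send_json_error()` terminates the request, which is why no `return` follows it.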
CVE-2023-5952
The CVE-2023-5952 entry concerns the Welcart e-Commerce WordPress plugin prior to version 2.9.5. Affected component/process: the plugin unserializes user input from cookies, enabling PHP Object Injection when a suitable gadget is present on the blog. Root cause: untrusted cookie deserialization i...
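The object-injection entries above (CVE-2023-5952) describe the root cause as untrusted cookie deserialization: `unserialize()` on attacker-controlled bytes instantiates any class on the site, and a class with a magic method such as `__destruct` or `__wakeup` becomes the "gadget". The following added example, not Welcart's code, shows a hypothetical gadget class, the vulnerable cart-cookie loader, the payload shape an attacker would set, and two hardened alternatives; the cookie name `cart`, the class `Cache_File_Writer` and all function names are assumptions.

```php
<?php
// Added example, not Welcart's code. Cookie name, gadget class and function names are
// hypothetical; unserialize()'s allowed_classes option and the WordPress calls are real.

// A gadget: any class present on the site (plugin, theme, core, vendor library) whose
// magic method does something with its properties. The attacker controls the properties.
class Cache_File_Writer {
    public $path;
    public $contents;
    public function __destruct() {
        // Runs automatically when the object is freed, e.g. at the end of the request.
        file_put_contents( $this->path, $this->contents );
    }
}

// --- Vulnerable: cart state round-trips through the browser as a serialized PHP string.
function cart_load_vulnerable() {
    if ( empty( $_COOKIE['cart'] ) ) {
        return array();
    }
    // Any class can be instantiated here; its __destruct() fires on script shutdown.
    return unserialize( base64_decode( $_COOKIE['cart'] ) );
}

// The cookie value an attacker would send (constructed here to show the shape):
//   O:17:"Cache_File_Writer":2:{s:4:"path";s:...;s:8:"contents";s:...}
function cart_attack_payload( $path, $contents ) {
    $g           = new Cache_File_Writer();
    $g->path     = $path;
    $g->contents = $contents;
    return base64_encode( serialize( $g ) );
}

// --- Hardened option 1: keep the format but refuse every class. Serialized objects
// come back as __PHP_Incomplete_Class, whose magic methods are never invoked.
function cart_load_no_objects() {
    if ( empty( $_COOKIE['cart'] ) ) {
        return array();
    }
    $data = unserialize( base64_decode( $_COOKIE['cart'] ), array( 'allowed_classes' => false ) );
    return is_array( $data ) ? $data : array();
}

// --- Hardened option 2 (preferred): a data-only format (JSON) plus an HMAC, so the
// client can neither inject objects nor tamper with the cart. wp_salt('auth') is a
// per-site secret; a dedicated key is equally fine.
function cart_cookie_encode( array $cart, $key ) {
    $json = wp_json_encode( $cart );
    return base64_encode( $json ) . '.' . hash_hmac( 'sha256', $json, $key );
}

function cart_cookie_decode( $cookie, $key ) {
    $parts = explode( '.', (string) $cookie, 2 );
    if ( 2 !== count( $parts ) ) {
        return array();
    }
    $json = base64_decode( $parts[0], true );
    if ( false === $json || ! hash_equals( hash_hmac( 'sha256', $json, $key ), $parts[1] ) ) {
        return array();
    }
    $cart = json_decode( $json, true );   // associative arrays only, never objects
    return is_array( $cart ) ? $cart : array();
}

function cart_load() {
    return empty( $_COOKIE['cart'] ) ? array() : cart_cookie_decode( $_COOKIE['cart'], wp_salt( 'auth' ) );
}
```

Option 1 closes the object-injection hole but still lets the client rewrite cart contents; option 2 removes both problems, which is why it is the one to reach for when the cookie is being redesigned anyway. Whether a usable gadget exists depends on the other code on the site, which is what the advisory means by "when a suitable gadget is present".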
Welcart e-Commerce < 2.8.22 - Editor+ SQL Injection
Description The plugin does not properly sanitize and escape a parameter before using it in an SQL statement, leading to an SQL injection exploitable by users with a role as low as an editor...
Welcart e-Commerce < 2.8.22 - Multiple XSS
Description The plugin does not sanitize and escape a parameter before outputting it back in multiple pages, leading to a Reflected Cross-Site Scripting which could be used against other users...
CVE-2023-43493
SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain sensitive information...
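Both SQL injection entries (editor-level in < 2.8.22, and CVE-2023-43493 on the Item List page, author-level) come from a request parameter being placed into a query without preparation. A list page typically takes a search term (a value) and a sort column (an identifier), and the two need different fixes: values go through `$wpdb->prepare()`, identifiers cannot be bound and must be mapped through an allowlist. The following is an added example written for this page, not Welcart's code; the function names, the `item` post type, and the query columns are hypothetical, while `$wpdb` and its methods are the real WordPress API.

```php
<?php
// Added example, not Welcart's code. Function names, post type and columns are
// hypothetical; $wpdb->prepare(), esc_like() and the sanitizers are real.

// --- Vulnerable: both request values are concatenated straight into SQL. A user who can
// open the list page sends  s=' UNION SELECT user_login, user_pass FROM wp_users --
// or  sort=(SELECT ...)  and reads rows the page was never meant to show.
function shop_item_list_vulnerable( $search, $sort ) {
    global $wpdb;
    $sql = "SELECT ID, post_title FROM {$wpdb->posts}
            WHERE post_type = 'item' AND post_title LIKE '%" . $search . "%'
            ORDER BY " . $sort;
    return $wpdb->get_results( $sql );
}

// --- Hardened: values are bound with prepare(); the sort column and direction are
// chosen from fixed allowlists so user input never reaches the ORDER BY clause.
function shop_item_list( $search, $sort, $dir, $limit = 50 ) {
    global $wpdb;
    $columns   = array( 'title' => 'post_title', 'date' => 'post_date', 'id' => 'ID' );
    $order_by  = isset( $columns[ $sort ] ) ? $columns[ $sort ] : 'post_date';
    $direction = ( 'ASC' === strtoupper( (string) $dir ) ) ? 'ASC' : 'DESC';

    // esc_like() escapes % and _ inside the term so the user cannot widen the pattern;
    // the whole string is then bound as a %s parameter (quoted and escaped by prepare()).
    $like = '%' . $wpdb->esc_like( $search ) . '%';
    $sql  = $wpdb->prepare(
        "SELECT ID, post_title FROM {$wpdb->posts}
         WHERE post_type = %s AND post_title LIKE %s
         ORDER BY {$order_by} {$direction}
         LIMIT %d",
        'item',
        $like,
        (int) $limit
    );
    return $wpdb->get_results( $sql );
}

// The page entry point: a capability check first, then request values are unslashed
// and reduced to the character set each one may contain before the query sees them.
function shop_item_list_from_request() {
    if ( ! current_user_can( 'edit_posts' ) ) {
        wp_die( 'forbidden', 403 );
    }
    $search = sanitize_text_field( wp_unslash( $_GET['s'] ?? '' ) );
    $sort   = sanitize_key( $_GET['sort'] ?? '' );   // lowercase a-z, 0-9, _ and - only
    $dir    = sanitize_key( $_GET['dir'] ?? '' );
    return shop_item_list( $search, $sort, $dir );
}
```

WordPress 6.2 added a `%i` identifier placeholder to `prepare()`, which backtick-quotes a column name; that prevents injection but still lets the caller order by any column (including ones with sensitive values), so an allowlist remains the better control for a sort parameter.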
CVE-2023-41962
Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page...
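The reflected XSS entries (CVE-2023-41962 on the Credit Card Payment Setup page, the multiple XSS in < 2.8.22, and CVE-2023-5951) all reduce to a request parameter echoed back without output escaping. Which escaper is right depends on where in the page the value lands, and a single generic escape is not enough. The following added example, not Welcart's code, shows the same parameter reflected raw into three contexts and the hardened rendering; the page slug, the `status` parameter, the allowed values and the markup are hypothetical, while the WordPress escaping functions are real.

```php
<?php
// Added example, not Welcart's code. Parameter name, allowed values and markup are
// hypothetical; esc_html(), esc_attr(), wp_json_encode() and the sanitizers are real.

// --- Vulnerable: one parameter echoed raw into three different contexts.
function payment_setup_notice_vulnerable() {
    $status = $_GET['status'];
    echo '<div class="notice">Result: ' . $status . '</div>';                 // HTML body
    echo '<input type="hidden" name="status" value="' . $status . '">';     // attribute
    echo '<script>var lastStatus = "' . $status . '";</script>';              // JS string
}
// The attacker needs no account, only a victim (here an administrator) who opens a link:
//   ...&status=<img src=x onerror=alert(1)>      breaks out in the HTML body
//   ...&status="><img src=x onerror=alert(1)>    breaks out of the attribute
//   ...&status=";alert(1);//                     breaks out of the JS string (no < or > needed)

// --- Hardened: validate against the values the page actually uses, then escape each
// copy for the context it lands in. Returning the markup keeps the function testable.
function payment_setup_notice( $raw_status ) {
    $status  = sanitize_text_field( wp_unslash( (string) $raw_status ) );
    $allowed = array( 'ok', 'error', 'pending' );
    if ( ! in_array( $status, $allowed, true ) ) {
        $status = '';   // unknown values are never reflected at all
    }
    $html  = '<div class="notice">Result: ' . esc_html( $status ) . '</div>';
    $html .= '<input type="hidden" name="status" value="' . esc_attr( $status ) . '">';
    // JSON with the HEX flags encodes <, >, &, " and ', so neither "</script>" nor a
    // quote inside the value can terminate the string. wp_add_inline_script() is the
    // cleaner route when the script is enqueued normally.
    $html .= '<script>var lastStatus = '
           . wp_json_encode( $status, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_QUOT | JSON_HEX_APOS )
           . ';</script>';
    return $html;
}

echo payment_setup_notice( $_GET['status'] ?? '' );
```

The allowlist alone would already neutralise these three payloads; the escaping stays in place so the page remains safe the day someone widens the allowed values or reuses the function with free-form text.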
Privilege escalation
Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor or higher privilege to upload an arbitrary file to an unauthorized directory...
CVE-2023-40219
CVE-2023-40219 affects Welcart e-Commerce (plugin versions 2.7 to 2.8.21), where a user with editor or higher privileges can upload an arbitrary file to an unauthorized directory. The associated vulnerability entry notes an Authenticated (Editor+) Arbitrary File Upload with high impact (CVSS v3.1: A...
Authorization
The Welcart e-Commerce plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the download_order_detail_list, change_order_list, and download_member_list functions called via admin_init hooks in versions up to, and including, 2.2.7. This makes it possible for...
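Three entries in this list describe handlers on WordPress admin hooks that lack one of two independent checks: the Friendly Functions for Welcart CSRF (CVE-2026-1208, "missing or incorrect nonce validation on the settings page"), and the Welcart missing-capability findings on the item-duplicate function and on the order/member download functions called via `admin_init`. A nonce proves the request came from a form the site issued to this user; a capability check proves the user is allowed to perform the action. Neither substitutes for the other. The following is an added example written for this page, not the code of either plugin; the option name `ff_allowed_domain`, the nonce action `ff_save_settings`, the form field names and the function names are hypothetical, while the WordPress API calls are real.

```php
<?php
// Added example, not Welcart's or Friendly Functions' code. Option name, nonce
// action, field names and functions are hypothetical; the WordPress calls are real.

// --- Vulnerable pattern 1: no nonce and no capability check. admin_init fires on
// every wp-admin request by any logged-in user, so a forged POST from a page the
// administrator was lured to is enough to change the setting (CSRF), and any
// authenticated role that can reach wp-admin could submit it directly.
function ff_save_settings_missing_nonce() {
    if ( isset( $_POST['ff_save'] ) ) {
        update_option( 'ff_allowed_domain', $_POST['ff_allowed_domain'] );
    }
}

// --- Vulnerable pattern 2: "incorrect" nonce validation. The nonce is verified only
// when the field is present, so the attacker's forged form simply omits it.
function ff_save_settings_optional_nonce() {
    if ( ! isset( $_POST['ff_save'] ) ) {
        return;
    }
    if ( isset( $_POST['ff_nonce'] ) && ! wp_verify_nonce( $_POST['ff_nonce'], 'ff_save_settings' ) ) {
        return;   // never reached when the field is absent
    }
    update_option( 'ff_allowed_domain', $_POST['ff_allowed_domain'] );
}

// --- Hardened handler: capability check, unconditional nonce check, then validation.
function ff_save_settings() {
    if ( ! isset( $_POST['ff_save'] ) ) {
        return;
    }
    // 1. Authorization: only users allowed to manage options may change them.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 403 );
    }
    // 2. CSRF: the nonce is bound to this user, this action and a time window.
    //    check_admin_referer() calls wp_die() itself when the nonce is missing or invalid,
    //    so a request without the field never gets past this line.
    check_admin_referer( 'ff_save_settings', 'ff_nonce' );
    // 3. Input validation: store only what the setting is supposed to hold.
    $domain = sanitize_text_field( wp_unslash( $_POST['ff_allowed_domain'] ?? '' ) );
    if ( '' !== $domain && ! preg_match( '/^[a-z0-9.-]+\.[a-z]{2,}$/i', $domain ) ) {
        wp_die( 'Invalid domain.', 400 );
    }
    update_option( 'ff_allowed_domain', $domain );
}
add_action( 'admin_init', 'ff_save_settings' );

// The settings form must emit the nonce the handler expects.
function ff_render_settings_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin.php?page=ff-settings' ) ); ?>">
        <?php wp_nonce_field( 'ff_save_settings', 'ff_nonce' ); ?>
        <label>Allowed e-mail domain
            <input type="text" name="ff_allowed_domain"
                   value="<?php echo esc_attr( get_option( 'ff_allowed_domain', '' ) ); ?>">
        </label>
        <button type="submit" name="ff_save" value="1">Save</button>
    </form>
    <?php
}
```

`wp_verify_nonce()` itself returns false for a missing, expired or wrong nonce; the defect in pattern 2 is the `isset()` guard around the call, not the call. A subscriber can obtain a valid nonce for their own session by loading any page that emits one, which is why the nonce does not stand in for the capability check, and a capability check does not stop a forged request riding an administrator's session, which is why the nonce is still required.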