Welcart E-commerce@* Security Vulnerabilities and Issues — Welcart E-commerce@* CVE List

Lucene search

WelcartWelcart E-commerce*

2 matches found

CVE•added 2015/07/24 4:59 p.m.•32 views

CVE-2015-2973

Multiple cross-site scripting (XSS) vulnerabilities in the Welcart plugin before 1.4.18 for WordPress allow remote attackers to inject arbitrary web script or HTML via the usces_referer parameter to (1) classes/usceshop.class.php, (2) includes/edit-form-advanced.php, (3) includes/edit-form-advanced...

4.3CVSS6AI score0.00435EPSS

CVE•added 2015/12/29 10:59 p.m.•29 views

CVE-2015-7791

Multiple SQL injection vulnerabilities in admin.php in the Collne Welcart plugin before 1.5.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) search[column] or (2) switch parameter.

6.5CVSS7AI score0.00313EPSS