EPSS
Percentile
40.7%
The plugin unserialises (via usces_unserialize()) the content of the usces_cookie cookie, which could lead to a PHP Object Injection issue.
www.wordfence.com/blog/2020/11/object-injection-vulnerability-in-welcart-e-commerce-plugin/