Vulnerabilities > CVE-2023-5952 - Unspecified vulnerability in Welcart E-Commerce

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
welcart
critical

Summary

The Welcart e-Commerce WordPress plugin before 2.9.5 unserializes user input from cookies, which could allow unautehtniacted users to perform PHP Object Injection when a suitable gadget is present on the blog

Vulnerable Configurations

Part Description Count
Application
Welcart
230