Vulnerabilities > Welcart > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-04 CVE-2023-5952 Unspecified vulnerability in Welcart E-Commerce
The Welcart e-Commerce WordPress plugin before 2.9.5 unserializes user input from cookies, which could allow unautehtniacted users to perform PHP Object Injection when a suitable gadget is present on the blog
network
low complexity
welcart
critical
 9.8
9.8
2022-11-18 CVE-2022-41840 Path Traversal vulnerability in Welcart E-Commerce
Unauth.
network
low complexity
welcart CWE-22
critical
 9.8
9.8