Info Welcart Welcart E-Commerce vulnerabilities

CVE-2025-62953 [HIGH] CWE-862 CVE-2025-62953: Missing Authorization vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Exploiting Missing Authorization vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcart e-Commerce: from n/a through <= 2.11.24.

CVE-2025-58984 CWE-79 CVE-2025-58984: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Stored XSS.This issue affects Welcart e-Commerce: from n/a through <= 2.11.20.

CVE-2025-54012 CWE-502 CVE-2025-54012: Deserialization of Untrusted Data vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Deserialization of Untrusted Data vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Object Injection.This issue affects Welcart e-Commerce: from n/a through <= 2.11.16.

CVE-2025-54013 CWE-79 CVE-2025-54013: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Stored XSS.This issue affects Welcart e-Commerce: from n/a through <= 2.11.16.

CVE-2025-47511 [MEDIUM] CWE-22 CVE-2025-47511: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in info Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Path Traversal.This issue affects Welcart e-Commerce: from n/a through <= 2.11.13.