Welcart E-Commerce vulnerabilities

36 known vulnerabilities affecting welcart/welcart_e-commerce.

Total CVEs: 36
CISA KEV: 0
Public exploits: 2
Exploited in wild: 0

Severity breakdown: CRITICAL 2, HIGH 9, MEDIUM 24, LOW 1

Vulnerabilities

CVE-2023-22705 | MEDIUM | CVSS 6.1 | CWE-79 | affects <= 2.8.10 | 2023-03-29 | Source: NVD
Unauthenticated reflected cross-site scripting (XSS) vulnerability in the Collne Inc. Welcart e-Commerce plugin, versions <= 2.8.10.

CVE-2022-4655 | MEDIUM | CVSS 5.4 | CWE-79 | fixed in 2.8.9 | 2023-01-16 | Source: NVD
The Welcart e-Commerce WordPress plugin before 2.8.9 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform a stored cross-site scripting attack.

CVE-2022-4237 | HIGH | CVSS 8.8 | CWE-502 | fixed in 2.8.6 | 2023-01-02 | Source: NVD
The Welcart e-Commerce WordPress plugin before 2.8.6 does not validate user input before using it in file_exist() functions via various AJAX actions available to any authenticated user, which could allow users with a role as low as subscriber to perform PHAR deserialisation when they can upload a file and a suitable gadget chain is present on the blog.

CVE-2022-4140 | HIGH | CVSS 7.5 | CWE-552 | PoC available | fixed in 2.8.5 | 2023-01-02 | Source: NVD
The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file, which could allow an unauthenticated attacker to read arbitrary files on the server.

CVE-2022-4236 | MEDIUM | CVSS 6.5 | CWE-552 | fixed in 2.8.5 | 2023-01-02 | Source: NVD
The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file via an AJAX action available to any authenticated user, which could allow users with a role as low as subscriber to read arbitrary files on the server.

CVE-2022-3935 | MEDIUM | CVSS 5.4 | CWE-79 | fixed in 2.8.4 | 2022-12-12 | Source: NVD
The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated user, such as a subscriber, to perform stored cross-site scripting attacks.

CVE-2022-3946 | MEDIUM | CVSS 6.5 | CWE-352 | fixed in 2.8.4 | 2022-12-12 | Source: NVD
The Welcart e-Commerce WordPress plugin before 2.8.4 does not have authorisation and CSRF checks in an AJAX action, allowing any logged-in user to create, update and delete shipping methods.

CVE-2022-41840 | CRITICAL | CVSS 9.8 | CWE-22 | PoC available | fixed in 2.7.8 | 2022-11-18 | Source: NVD
Unauthenticated directory traversal vulnerability in the Welcart eCommerce plugin <= 2.7.7 on WordPress.

CVE-2021-20734 | MEDIUM | CVSS 6.1 | CWE-79 | v1.5.2 | 2021-06-22 | Source: NVD
Cross-site scripting vulnerability in Welcart e-Commerce versions prior to 2.2.4 allows remote attackers to inject arbitrary script or HTML via unspecified vectors.

CVE-2020-28339 | HIGH | CVSS 8.8 | CWE-502 | fixed in 1.9.36 | 2020-11-07 | Source: NVD
The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for WordPress allows object injection because of usces_unserialize. There is not a complete POP chain.

CVE-2016-4828 | MEDIUM | CVSS 6.5 | CWE-19 | fixed in 1.8.3 | 2016-06-25 | Source: NVD
The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress mishandles sessions, which allows remote attackers to obtain access by leveraging knowledge of the e-mail address associated with an account.

CVE-2016-4825 | MEDIUM | CVSS 5.6 | CWE-20 | fixed in 1.8.3 | 2016-06-25 | Source: NVD
The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data.

CVE-2016-4826 | MEDIUM | CVSS 6.1 | CWE-79 | fixed in 1.8.3 | 2016-06-25 | Source: NVD
Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4827.

CVE-2016-4827 | MEDIUM | CVSS 6.1 | fixed in 1.8.3 | 2016-06-25 | Source: NVD
Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4826.

CVE-2015-7791 | MEDIUM | CVSS 6.3 | CWE-89 | affects <= 1.5.2 | 2015-12-29 | Source: NVD
Multiple SQL injection vulnerabilities in admin.php in the Collne Welcart plugin before 1.5.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) search[column] or (2) switch parameter.

CVE-2015-2973 | MEDIUM | CVSS 4.3 | CWE-79 | affects <= 1.4.17 | 2015-07-24 | Source: NVD
Multiple cross-site scripting (XSS) vulnerabilities in the Welcart plugin before 1.4.18 for WordPress allow remote attackers to inject arbitrary web script or HTML via the usces_referer parameter to (1) classes/usceshop.class.php, (2) includes/edit-form-advanced.php, (3) includes/edit-form-advanced30.php, (4) includes/edit-form-advanced34.php, (5) incl