← volver
CVE-2023-5952

Welcart e-Commerce < 2.9.5 - Unauthenticated PHP Object Injection

EPSS 1.3%
The Welcart e-Commerce WordPress plugin before 2.9.5 unserializes user input from cookies, which could allow unautehtniacted users to perform PHP Object Injection when a suitable gadget is present on the blog
Productos afectados
Unknown · Welcart e-Commerce

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://wpscan.com/vulnerability/0acd613e-dbd6-42ae-9f3d-6d6e77a4c1b7