Known Vulnerabilities for Welcart E-commerce by Collne
Listed below are 5 of the newest known vulnerabilities associated with "Welcart E-commerce" by "Collne".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-62953 | Missing Authorization vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Exploiting Incorrectly Configured Ac... | Not Provided | 2025-10-27 | 2026-04-01 |
| CVE-2025-58984 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in info@welcart Welcart e-... | Not Provided | 2025-09-09 | 2026-04-01 |
| CVE-2025-54013 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in info@welcart Welcart e-... | Not Provided | 2025-07-16 | 2026-04-01 |
| CVE-2025-54012 | Deserialization of Untrusted Data vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Object Injection.This is... | Not Provided | 2025-08-20 | 2026-04-01 |
| CVE-2025-47511 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in info@welcart Welcart e-Commer... | Not Provided | 2025-06-09 | 2026-04-01 |
| CVE-2020-28339 | The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for WordPress allows Object Injection because of usces_un... | 8.8 - HIGH | 2020-11-07 | 2021-07-21 |
| CVE-2016-4828 | The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress mishandles sessions, which allows remote attackers to obtain ... | 6.5 - MEDIUM | 2016-06-25 | 2021-09-09 |
| CVE-2016-4827 | Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote att... | 6.1 - MEDIUM | 2016-06-25 | 2021-08-31 |
| CVE-2016-4826 | Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote att... | 6.1 - MEDIUM | 2016-06-25 | 2021-09-09 |
| CVE-2016-4825 | The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attac... | 5.6 - MEDIUM | 2016-06-25 | 2021-08-31 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Collne | Welcart E-commerce | 1.9.9 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.8 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.7 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.6 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.5 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.4 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.36 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.35 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.34 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.33 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.32 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.31 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.30 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.3 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.29 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.28 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.27 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.26 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.25 | All | All | All |
| Application | Collne | Welcart E-commerce | 1.9.24 | All | All | All |