Known Vulnerabilities for products from Welcart
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Welcart".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-62953 json | Not Provided | 2025-10-27 | 2026-04-01 | |
| CVE-2025-58984 json | Not Provided | 2025-09-09 | 2026-04-01 | |
| CVE-2025-54013 json | Not Provided | 2025-07-16 | 2026-04-01 | |
| CVE-2025-54012 json | Not Provided | 2025-08-20 | 2026-04-01 | |
| CVE-2025-47511 json | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in info@welcart Welcart e-Commer... | Not Provided | 2025-06-09 | 2026-04-01 |
| CVE-2024-10726 json | Not Provided | 2024-11-21 | 2026-04-08 | |
| CVE-2023-6120 json | Not Provided | 2023-12-09 | 2026-04-08 | |
| CVE-2021-4375 json | Not Provided | 2023-06-07 | 2026-04-08 | |
| CVE-2021-4355 json | The Welcart e-Commerce plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the dow... | Not Provided | 2023-06-07 | 2026-04-08 |
| CVE-2016-4828 json | The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress mishandles sessions, which allows remote attackers to obtain ... | 6.5 - MEDIUM | 2016-06-25 | 2021-09-09 |
| CVE-2016-4827 json | Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote att... | 6.1 - MEDIUM | 2016-06-25 | 2021-08-31 |
| CVE-2016-4826 json | Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote att... | 6.1 - MEDIUM | 2016-06-25 | 2021-09-09 |
| CVE-2016-4825 json | The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attac... | 5.6 - MEDIUM | 2016-06-25 | 2021-08-31 |
| CVE-2015-7791 json | Multiple SQL injection vulnerabilities in admin.php in the Collne Welcart plugin before 1.5.3 for WordPress allow remote auth... | 6.3 - MEDIUM | 2015-12-29 | 2021-06-24 |
| CVE-2015-2973 json | Multiple cross-site scripting (XSS) vulnerabilities in the Welcart plugin before 1.4.18 for WordPress allow remote attackers ... | 4.3 - MEDIUM | 2015-07-24 | 2021-06-24 |
| CVE-2014-10017 json | Multiple SQL injection vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attackers to execut... | 7.5 - HIGH | 2015-01-13 | 2017-09-08 |
| CVE-2014-10016 json | Multiple cross-site scripting (XSS) vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attack... | 4.3 - MEDIUM | 2015-01-13 | 2017-09-08 |
| CVE-2012-5178 json | Cross-site request forgery (CSRF) vulnerability in the Welcart plugin before 1.2.2 for WordPress allows remote attackers to h... | 6.8 - MEDIUM | 2012-12-19 | 2013-01-29 |
| CVE-2012-5177 json | Cross-site scripting (XSS) vulnerability in the Welcart plugin before 1.2.2 for WordPress allows remote attackers to inject a... | 4.3 - MEDIUM | 2012-12-19 | 2012-12-19 |
Known software with vulnerabilities from Welcart
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Welcart | E-commerce | 1.3.12 |
| Application | Welcart | Welcart | 1.4.0 |
| Application | Welcart | Welcart Plugin | 0.5 |