CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-5178

Cross-site request forgery (CSRF) vulnerability in the Welcart plugin before 1.2.2 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that complete a purchase.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.0%

CVSS Severity

CVSS v2 Score 6.8

References

http://jvn.jp/en/jp/JVN53269985/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000109
http://www.welcart.com/community/archives/4524
http://jvn.jp/en/jp/JVN53269985/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000109
http://www.welcart.com/community/archives/4524

Products affected by CVE-2012-5178

Welcart » Welcart Plugin » Version: 0.5

cpe:2.3:a:welcart:welcart_plugin:0.5
Welcart » Welcart Plugin » Version: 0.9.1

cpe:2.3:a:welcart:welcart_plugin:0.9.1
Welcart » Welcart Plugin » Version: 1.2.1

cpe:2.3:a:welcart:welcart_plugin:1.2.1
Wordpress » Wordpress » Version: N/A

cpe:2.3:a:wordpress:wordpress:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-5178

Products

Pricing

Contact Us