CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Welcart: >> E-Commerce >> 1.3.12 Security Vulnerabilities

CVE-2014-10017

Multiple SQL injection vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) changeSort or (2) switch parameter in the usces_itemedit page to wp-admin/admin.php.

CVSS Score

7.5

EPSS Score

0.004

Published

2015-01-13

CVE-2014-10016

Multiple cross-site scripting (XSS) vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attackers to inject arbitrary web script or HTML via (1) unspecified vectors related to purchase_limit or the (2) name, (3) intl, (4) nocod, or (5) time parameter in an add_delivery_method action to wp-admin/admin-ajax.php.

CVSS Score

4.3

EPSS Score

0.002

Published

2015-01-13

Page 1

Vulnerabilities

Vulnerable Software

Welcart: >> E-Commerce >> 1.3.12 Security Vulnerabilities

Products

Pricing

Contact Us