Описание
Welcart e-Commerce 2.11.6 and earlier versions contains an untrusted data deserialization vulnerability. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker who can access websites created using the product.
Ссылки
- Third Party Advisory
- Release Notes
Уязвимые конфигурации
Конфигурация 1Версия до 2.11.6 (включая)
cpe:2.3:a:welcart:welcart_e-commerce:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 76%
0.00932
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
Дефекты
CWE-502
Связанные уязвимости
CVSS3: 6.3
github
10 месяцев назад
Welcart e-Commerce 2.11.6 and earlier versions contains an untrusted data deserialization vulnerability. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker who can access websites created using the product.
EPSS
Процентиль: 76%
0.00932
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
Дефекты
CWE-502