Unrated severityNVD Advisory· Published Dec 4, 2023· Updated Aug 2, 2024
Welcart e-Commerce < 2.9.5 - Unauthenticated PHP Object Injection
CVE-2023-5952
Description
The Welcart e-Commerce WordPress plugin before 2.9.5 unserializes user input from cookies, which could allow unautehtniacted users to perform PHP Object Injection when a suitable gadget is present on the blog
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Welcart e-Commercedescription
- Range: <2.9.5
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/0acd613e-dbd6-42ae-9f3d-6d6e77a4c1b7mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.