CVE-2023-5952

Summary

The Welcart e-Commerce WordPress plugin before 2.9.5 unserializes user input from cookies, which could allow unautehtniacted users to perform PHP Object Injection when a suitable gadget is present on the blog

Affected Software

VendorProductVersion RangeStatus
UnknownWelcart e-Commerce0 < 2.9.5affected

Weaknesses

  • CWE-502 Deserialization of Untrusted Data

ADP Enrichment

CVE Program Container

Additional References

References