CVE-2022-3935

CVSS V2 None CVSS V3 None
Description
The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks
Overview
  • CVE ID
  • CVE-2022-3935
  • Assigner
  • contact@wpscan.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-12T18:15:12
  • Last Modified Date
  • 2022-12-14T21:22:36
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:collne:welcart_e-commerce:*:*:*:*:*:wordpress:*:* 1 OR 2.8.4
History
Created Old Value New Value Data Type Notes
2022-12-12 18:18:16 Added to TrackCVE
2022-12-12 19:15:59 2022-12-12T18:15:12.293 2022-12-12T18:15:12 CVE Published Date updated
2022-12-12 19:15:59 2022-12-12T18:17:59 CVE Modified Date updated
2022-12-12 19:15:59 Received Awaiting Analysis Vulnerability Status updated
2022-12-13 01:15:11 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-14 22:14:42 2022-12-14T21:22:36 CVE Modified Date updated
2022-12-14 22:14:42 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-14 22:14:43 CPE Information updated