CVE-2025-27130

High CVSS: 8.8

Welcart e-Commerce 2.11.6 and earlier versions contains an untrusted data deserialization vulnerability. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker who can access websites created using the product.

Vendor

Welcart

Product

Welcart E-commerce

CWE

CWE-502

Yayın Tarihi

2025-04-01 09:15:15

Güncelleme

2025-07-08 17:09:54

Source Identifier

vultures@jpcert.or.jp

KEV Date Added

Kategoriler

CWE-502 Welcart E-commerce HIGH Welcart 2025

Referanslar

https://jvn.jp/en/jp/JVN87266215/ https://www.welcart.com/archives/23868.html