CVE-2022-3935

Published: Dic 12, 2022 Last Modified: Apr 22, 2025 EU-VD ID: EUVD-2022-43269 Aliases: GSD-2022-3935

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,4

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: required

Scope: changed

Confidentiality: low

Integrity: low

Availability: none

Description

AI Translation Available

The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0023

Percentile

0,5th

Updated

EPSS Score Trend (Last 90 Days)

Application

Welcart E-Commerce by Welcart

Product Information

Vendor Welcart

Product Welcart E-Commerce

Version Range Affected

To 2.8.4 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:welcart:welcart_e-commerce:*:*:*:*:*:wordpress:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://wpscan.com/vulnerability/906c5122-dd6d-494b-b66c-41…

Exploit Third Party Advisory

https://wpscan.com/vulnerability/906c5122-dd6d-494b-b66c-4162e234ea05

https://wpscan.com/vulnerability/906c5122-dd6d-494b-b66c-41…

Exploit Third Party Advisory

https://wpscan.com/vulnerability/906c5122-dd6d-494b-b66c-4162e234ea05

CVE-2022-3935

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 90 Days)

Welcart E-Commerce by Welcart

Product Information

Iscriviti alla newsletter