The Welcart e-Commerce plugin for WordPress is vulnerable to a type of attack called SQL Injection. This type of attack can allow an attacker to extract sensitive information from the database if they are authenticated. The vulnerability exists in versions up to and including 2.1.0 because of a lack of proper escaping and preparation on the user supplied parameters.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
