Refine your search
7 vulnerabilities found for Welcart e-Commerce by Collne Inc.
jvndb-2023-000094
Vulnerability from jvndb
Published
2023-09-22 13:51
Modified
2024-07-11 16:49
Severity ?
Summary
Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"
Details
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains multiple vulnerabilities listed below.
* Unrestricted Upload of File with Dangerous Type (CWE-434) - CVE-2023-40219
* Path Traversal (CWE-22) - CVE-2023-40532
* Cross-site Scripting in registration process of Item List page (CWE-79) - CVE-2023-41233
* Cross-site Scripting in Credit Card Payment Setup page (CWE-79) - CVE-2023-41962
* Cross-site Scripting in Item List page (CWE-79) - CVE-2023-43484
* SQL Injection in Item List page (CWE-89) - CVE-2023-43493
* SQL Injection in Order Data Edit page (CWE-89) - CVE-2023-43610
* Cross-site Scripting in Order Data Edit page (CWE-79) - CVE-2023-43614
CVE-2023-40219
Akihiro Hashimoto reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVE-2023-40532, CVE-2023-41233, CVE-2023-41962, CVE-2023-43484, CVE-2023-43493, CVE-2023-43610, CVE-2023-43614
Shogo Kumamaru of LAC CyberLink Co., Ltd. reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000094.html",
"dc:date": "2024-07-11T16:49+09:00",
"dcterms:issued": "2023-09-22T13:51+09:00",
"dcterms:modified": "2024-07-11T16:49+09:00",
"description": "WordPress plugin \"Welcart e-Commerce\" provided by Collne Inc. contains multiple vulnerabilities listed below.\r\n\r\n * Unrestricted Upload of File with Dangerous Type (CWE-434) - CVE-2023-40219\r\n * Path Traversal (CWE-22) - CVE-2023-40532\r\n * Cross-site Scripting in registration process of Item List page (CWE-79) - CVE-2023-41233\r\n * Cross-site Scripting in Credit Card Payment Setup page (CWE-79) - CVE-2023-41962\r\n * Cross-site Scripting in Item List page (CWE-79) - CVE-2023-43484\r\n * SQL Injection in Item List page (CWE-89) - CVE-2023-43493\r\n * SQL Injection in Order Data Edit page (CWE-89) - CVE-2023-43610\r\n * Cross-site Scripting in Order Data Edit page (CWE-79) - CVE-2023-43614\r\n\r\nCVE-2023-40219\r\nAkihiro Hashimoto reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.\r\n\r\nCVE-2023-40532, CVE-2023-41233, CVE-2023-41962, CVE-2023-43484, CVE-2023-43493, CVE-2023-43610, CVE-2023-43614\r\nShogo Kumamaru of LAC CyberLink Co., Ltd. reported these vulnerabilities to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000094.html",
"sec:cpe": {
"#text": "cpe:/a:collne:welcart_e-commerce",
"@product": "Welcart e-Commerce",
"@vendor": "Collne Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "5.5",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"@version": "2.0"
},
{
"@score": "5.4",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2023-000094",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN97197972/index.html",
"@id": "JVN#97197972",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-40219",
"@id": "CVE-2023-40219",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-40532",
"@id": "CVE-2023-40532",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-41233",
"@id": "CVE-2023-41233",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-41962",
"@id": "CVE-2023-41962",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-43484",
"@id": "CVE-2023-43484",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-43493",
"@id": "CVE-2023-43493",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-43610",
"@id": "CVE-2023-43610",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-43614",
"@id": "CVE-2023-43614",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-40219",
"@id": "CVE-2023-40219",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-40532",
"@id": "CVE-2023-40532",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-41233",
"@id": "CVE-2023-41233",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-41962",
"@id": "CVE-2023-41962",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-43484",
"@id": "CVE-2023-43484",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-43493",
"@id": "CVE-2023-43493",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-43610",
"@id": "CVE-2023-43610",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-43614",
"@id": "CVE-2023-43614",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-22",
"@title": "Path Traversal(CWE-22)"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-89",
"@title": "SQL Injection(CWE-89)"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Multiple vulnerabilities in WordPress plugin \"Welcart e-Commerce\""
}
jvndb-2023-000007
Vulnerability from jvndb
Published
2023-01-17 14:17
Modified
2023-01-17 14:17
Severity ?
Summary
WordPress plugin "Welcart e-Commerce" vulnerable to directory traversal
Details
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a directory traversal vulnerability (CWE-22).
Masato Ikeda of Mitsui Bussan Secure Directions, Inc. and Takeshi Suzuki reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000007.html",
"dc:date": "2023-01-17T14:17+09:00",
"dcterms:issued": "2023-01-17T14:17+09:00",
"dcterms:modified": "2023-01-17T14:17+09:00",
"description": "WordPress plugin \"Welcart e-Commerce\" provided by Collne Inc. contains a directory traversal vulnerability (CWE-22).\r\n\r\nMasato Ikeda of Mitsui Bussan Secure Directions, Inc. and Takeshi Suzuki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000007.html",
"sec:cpe": {
"#text": "cpe:/a:collne:welcart_e-commerce",
"@product": "Welcart e-Commerce",
"@vendor": "Collne Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"@version": "2.0"
},
{
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2023-000007",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN31073333/index.html",
"@id": "JVN#31073333",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2022-4140",
"@id": "CVE-2022-4140",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-4140",
"@id": "CVE-2022-4140",
"@source": "NVD"
},
{
"#text": "https://wpscan.com/vulnerability/0d649a7e-3334-48f7-abca-fff0856e12c7",
"@id": "Welcart e-Commerce \u003c 2.8.5 - Unauthenticated Arbitrary File Access",
"@source": "Related document"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-22",
"@title": "Path Traversal(CWE-22)"
}
],
"title": "WordPress plugin \"Welcart e-Commerce\" vulnerable to directory traversal"
}
jvndb-2021-000047
Vulnerability from jvndb
Published
2021-06-11 15:24
Modified
2021-06-11 15:24
Severity ?
Summary
WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting
Details
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a stored cross-site scripting vulnerability (CWE-79).
Yu Iwama of Secure Sky Technology Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-000047.html",
"dc:date": "2021-06-11T15:24+09:00",
"dcterms:issued": "2021-06-11T15:24+09:00",
"dcterms:modified": "2021-06-11T15:24+09:00",
"description": "WordPress plugin \"Welcart e-Commerce\" provided by Collne Inc. contains a stored cross-site scripting vulnerability (CWE-79).\r\n\r\nYu Iwama of Secure Sky Technology Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-000047.html",
"sec:cpe": {
"#text": "cpe:/a:collne:welcart_e-commerce",
"@product": "Welcart e-Commerce",
"@vendor": "Collne Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "6.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2021-000047",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN70566757/index.html",
"@id": "JVN#70566757",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20734",
"@id": "CVE-2021-20734",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-20734",
"@id": "CVE-2021-20734",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "WordPress plugin \"Welcart e-Commerce\" vulnerable to cross-site scripting"
}
jvndb-2016-000117
Vulnerability from jvndb
Published
2016-06-24 14:12
Modified
2016-06-28 17:01
Severity ?
Summary
WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting
Details
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a cross-site scripting vulnerability (CWE-79).
Note that this vulnerability is different from JVN#95082904.
Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000117.html",
"dc:date": "2016-06-28T17:01+09:00",
"dcterms:issued": "2016-06-24T14:12+09:00",
"dcterms:modified": "2016-06-28T17:01+09:00",
"description": "WordPress plugin \"Welcart e-Commerce\" provided by Collne Inc. contains a cross-site scripting vulnerability (CWE-79).\r\n\r\nNote that this vulnerability is different from JVN#95082904.\r\n\r\nGen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000117.html",
"sec:cpe": {
"#text": "cpe:/a:collne:welcart_e-commerce",
"@product": "Welcart e-Commerce",
"@vendor": "Collne Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "6.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000117",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN55826471/index.html",
"@id": "JVN#55826471",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4827",
"@id": "CVE-2016-4827",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4827",
"@id": "CVE-2016-4827",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "WordPress plugin \"Welcart e-Commerce\" vulnerable to cross-site scripting"
}
jvndb-2016-000118
Vulnerability from jvndb
Published
2016-06-24 14:12
Modified
2016-06-28 17:01
Severity ?
Summary
WordPress plugin "Welcart e-Commerce" vulnerable to session management
Details
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a vulnerability in session management.
Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000118.html",
"dc:date": "2016-06-28T17:01+09:00",
"dcterms:issued": "2016-06-24T14:12+09:00",
"dcterms:modified": "2016-06-28T17:01+09:00",
"description": "WordPress plugin \"Welcart e-Commerce\" provided by Collne Inc. contains a vulnerability in session management.\r\n\r\nGen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000118.html",
"sec:cpe": {
"#text": "cpe:/a:collne:welcart_e-commerce",
"@product": "Welcart e-Commerce",
"@vendor": "Collne Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.4",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
{
"@score": "6.5",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000118",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN61578437/index.html",
"@id": "JVN#61578437",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4828",
"@id": "CVE-2016-4828",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4828",
"@id": "CVE-2016-4828",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-264",
"@title": "Permissions(CWE-264)"
}
],
"title": "WordPress plugin \"Welcart e-Commerce\" vulnerable to session management"
}
jvndb-2016-000115
Vulnerability from jvndb
Published
2016-06-24 13:43
Modified
2016-06-29 16:04
Severity ?
Summary
WordPress plugin "Welcart e-Commerce" vulnerable to PHP object injection
Details
WordPress plugin "Welcart e-Commerce" contains a PHP object injection vulnerability due to a flaw where untrusted POST values are unserialized.
Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000115.html",
"dc:date": "2016-06-29T16:04+09:00",
"dcterms:issued": "2016-06-24T13:43+09:00",
"dcterms:modified": "2016-06-29T16:04+09:00",
"description": "WordPress plugin \"Welcart e-Commerce\" contains a PHP object injection vulnerability due to a flaw where untrusted POST values are unserialized.\r\n\r\nGen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000115.html",
"sec:cpe": {
"#text": "cpe:/a:collne:welcart_e-commerce",
"@product": "Welcart e-Commerce",
"@vendor": "Collne Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "5.6",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000115",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN47363774/index.html",
"@id": "JVN#47363774",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4825",
"@id": "CVE-2016-4825",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4825",
"@id": "CVE-2016-4825",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-20",
"@title": "Improper Input Validation(CWE-20)"
}
],
"title": "WordPress plugin \"Welcart e-Commerce\" vulnerable to PHP object injection"
}
jvndb-2016-000116
Vulnerability from jvndb
Published
2016-06-24 13:43
Modified
2016-06-29 16:05
Severity ?
Summary
WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting
Details
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a cross-site scripting vulnerability (CWE-79).
Note that this vulnerability is different from JVN#55826471.
Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000116.html",
"dc:date": "2016-06-29T16:05+09:00",
"dcterms:issued": "2016-06-24T13:43+09:00",
"dcterms:modified": "2016-06-29T16:05+09:00",
"description": "WordPress plugin \"Welcart e-Commerce\" provided by Collne Inc. contains a cross-site scripting vulnerability (CWE-79).\r\n\r\nNote that this vulnerability is different from JVN#55826471.\r\n\r\nGen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000116.html",
"sec:cpe": {
"#text": "cpe:/a:collne:welcart_e-commerce",
"@product": "Welcart e-Commerce",
"@vendor": "Collne Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "6.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000116",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN95082904/index.html",
"@id": "JVN#95082904",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4826",
"@id": "CVE-2016-4826",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4826",
"@id": "CVE-2016-4826",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "WordPress plugin \"Welcart e-Commerce\" vulnerable to cross-site scripting"
}