Arbitrary PHP Code Execution Vulnerability in Collne Welcart e-Commerce Plugin for WordPress

CVE-2016-4825 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data.

Learn more about our Wordpress Pen Testing.