CVE-2025-0511
Published: 12 February 2025
Description
The Welcart e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 2.11.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Security Summary
CVE-2025-0511 is a stored cross-site scripting (XSS) vulnerability, classified under CWE-79, in the Welcart e-Commerce plugin for WordPress. It affects all versions up to and including 2.11.9 due to insufficient input sanitization and output escaping of the 'name' parameter. Published on 2025-02-12, the flaw has a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N), indicating high severity with network accessibility, low complexity, no privileges or user interaction required, and scope change.
Unauthenticated attackers can exploit this vulnerability to inject arbitrary web scripts into pages via the 'name' parameter. The injected scripts execute in the context of any user accessing the affected page, enabling potential theft of administrator credentials, session hijacking, or site defacement.
Mitigation details are available in referenced advisories and patches, including the Wordfence threat intelligence report at https://www.wordfence.com/threat-intel/vulnerabilities/id/6c26270b-a0a7-4877-aa66-bffe260003df?source=cve, the patch changeset at https://plugins.trac.wordpress.org/changeset/3235131/, and vulnerable code in https://plugins.trac.wordpress.org/browser/usc-e-shop/trunk/functions/settlement_func.php#L612. Security practitioners should review the plugin's developer page at https://wordpress.org/plugins/usc-e-shop/#developers for updated versions beyond 2.11.9.
Details
- CWE(s)