Design/Logic Flaw

2016-06-2521:59:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.7%

JSON

The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress mishandles sessions, which allows remote attackers to obtain access by leveraging knowledge of the e-mail address associated with an account.

CPENameOperatorVersion
welcart_e-commercelt1.8.3

CPE	Name	Operator	Version
	welcart_e-commerce	lt	1.8.3

References

jvn.jp/en/jp/JVN61578437/index.html

jvndb.jvn.jp/jvndb/JVNDB-2016-000118

www.welcart.com/community/archives/78977