Description
WordPress Plugin Welcart e-Commerce is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Welcart e-Commerce version 2.2.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.2.8 or latest
References
https://blog.nintechnet.com/wordpress-welcart-e-commerce-plugin-fixed-vulnerabilities/
https://plugins.svn.wordpress.org/usc-e-shop/trunk/readme.txt
Related Vulnerabilities
MySQL CVE-2018-2776 Vulnerability (CVE-2018-2776)
WordPress Plugin Social Sharing-Sassy Social Share PHP Object Injection (3.3.23)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4400)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-9933)