CVE-2023-43493

Name of the Vulnerable Software and Affected Versions Welcart e-Commerce versions 2.7 to 2.8.21

Description The issue allows a user with author or higher privilege to obtain sensitive information through a SQL injection vulnerability in the Item List page.

Recommendations For Welcart e-Commerce versions 2.7 to 2.8.21, consider restricting access to the Item List page for users with author or higher privilege until a patch is available. As a temporary workaround, limit the privileges of users to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.