cleantalk
Vulnerabilities and Security Researches

Welcart e-Commerce, CVE-2025-54013

CVE, Research URL

CVE-2025-54013

Home page URL

Security reports for Welcart e-Commerce

Application

Welcart e-Commerce

Published on
Jul 16, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nanbu Welcart e-Commerce allows Stored XSS. This issue affects Welcart e-Commerce: from n/a through 2.11.16.
Affected versions
Min -, max 2.11.17.
Status
vulnerable
Previous vulnerability researches
Animator – Scroll Triggered Animations (cf0d6ce4149212cae4de5df9898160e72ee42fbb) , Jun 07, 2024
Animator – Scroll Triggered Animations (CVE-2024-49308) , Oct 19, 2024
Animator – Scroll Triggered Animations (CVE-2023-47689) , Jun 10, 2024
Animator – Scroll Triggered Animations (CVE-2025-54039) , Jul 18, 2025
New vulnerability
Stop User Enumeration (CVE-2025-4302) , Jul 19, 2025
WP Pipes (CVE-2025-28982) , Jul 19, 2025
LightBox Block (CVE-2025-54051) , Jul 19, 2025
Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal (CVE-2025-6043) , Jul 19, 2025
Ruven Themes: Shortcodes (CVE-2025-7648) , Jul 19, 2025