CVE-2025-27130

Welcart e-Commerce 2.11.6 and earlier versions contains an untrusted data deserialization vulnerability. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker who can access websites created using the product. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt