CVSS 3.1 Score 8.8 of 10 (high)


Published Dec 4, 2023
Updated: Dec 8, 2023
CWE ID 434


CVE-2023-5953 is a vulnerability found in the Welcart e-Commerce WordPress plugin before version 2.9.5. This vulnerability allows authenticated users, such as subscribers, to upload arbitrary files, including PHP files, onto the server without proper validation and authorization. It affects various products including o5EiEY, uB2F3S, o5EiEZ, and many others. The potential danger of this vulnerability is high as it can lead to unauthorized access and execution of malicious code on the server. To remediate this vulnerability, it is recommended to update the Welcart e-Commerce plugin to version 2.9.5 or apply any available patches or fixes provided by the plugin developer.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-5953 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options