CVE-2025-10649 | Welcart e-Commerce Plugin up to 2.11.21 on WordPress Cookie sql injection

A vulnerability described as critical has been identified in Welcart e-Commerce Plugin up to 2.11.21 on WordPress. This issue affects some unknown processing of the component Cookie Handler. Such manipulation leads to sql injection.

This vulnerability is traded as CVE-2025-10649. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More