CVE-2025-27130
Welcart e-Commerce 2.11.6 and earlier versions contains an untrusted data deserialization vulnerability. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker who can access websites created using the product.
We have discovered 1,968 live websites that are affected by CVE-2025-27130.
Details
- Published - Apr 1, 2025
- Updated - Apr 1, 2025
CVE References
Website Distribution by Country
Number of websites using CVE-2025-27130 United States | 39 websites |
 Japan | 1,807 websites |
 Australia | 2 websites |
 Netherlands | 2 websites |
 Bulgaria | 1 websites |
 Brazil | 1 websites |
 China | 1 websites |
 Germany | 1 websites |
 Spain | 1 websites |
Website Distribution by TLD
Number of websites using CVE-2025-27130| .com | 981 websites |
| .jp | 419 websites |
| .co.jp | 244 websites |
| .net | 149 websites |
| .org | 27 websites |
| .info | 25 websites |
| .co | 4 websites |
| .be | 1 websites |
Websites affected by CVE-2025-27130
Top websites that are affected by CVE-2025-27130. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****************.com | Japan | ***,*** | |
| ***.**.jp | Japan | ***,*** | |
| ********.jp | Japan | ***,*** | |
| ****.org | Japan | ***,*** | |
| ******.net | Japan | ***,*** | |
| *************.com | Japan | ***,*** | |
| *********.com | Japan | *,***,*** | |
| ********.jp | Japan | *,***,*** | |
| *******.com | Japan | *,***,*** | |
| *****.org | Japan | *,***,*** |
FAQ
A total of 1,968 websites have been identified as vulnerable to CVE-2025-27130, based on global website indexing conducted by WebTechSurvey.
The Welcart is affected by the CVE-2025-27130 vulnerability.
Welcart versions up to 2.11.6 are vulnerable to CVE-2025-27130.
CVE-2025-27130 is resolved in version 2.11.6 of Welcart.