CVE-2015-4582

The TheCartPress boot-store aka Boot Store theme 1.6.4 for WordPress allows header.php tcpregistererror XSS. NOTE: CVE-2015-4582 is not assigned to any Oracle product...

CVE-2024-5938

The CVE-2024-5938 entry concerns Boot Store (WordPress theme). It is vulnerable to Stored XSS via the link parameter of the theme’s Button shortcode in all versions up to and including 1.6.4, due to insufficient input sanitization and output escaping. An authenticated attacker with Contributor-le...

WordPress Boot Store theme <= 1.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Button Shortcode vulnerability discovered by Francesco Carlucci in WordPress Theme Boot Store versions = 1.6.4...

WordPress Boot Store Theme <= 1.6.4 is vulnerable to Cross Site Scripting (XSS)

Software Boot Store Type Theme Vulnerable versions = 1.6.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5938 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 849a6c7d4031 Credits Francesco Carlucci Required...