CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

CVE-2026-4080

The Easy Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'addtocart' shortcode in all versions up to and including 1.8. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. Specifically, the ectpaddtocart function...

6.4CVSS0.00042EPSS

Exploits0References15

Cvelist•added 2 days ago•31 views

CVE-2026-4080 Easy Cart <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

6.4CVSS0.00042EPSS

Exploits0References15

EUVD•added 2 days ago•7 views

EUVD-2026-33892

6.4CVSS6AI score0.00042EPSS

Exploits0References15

Vulnrichment•added 2 days ago•6 views

CVE-2026-4080 Easy Cart <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

6.4CVSS6AI score0.00042EPSS

Exploits0References15

ATTACKERKB•added 2 days ago•5 views

CVE-2026-4080

6.4CVSS6AI score0.00042EPSS

Exploits0References16

CVE•added 2 days ago•7 views

CVE-2026-4080

The CVE concerns the WordPress Easy Cart plugin (versions ≤ 1.8). The vulnerability is Stored Cross-Site Scripting via the add_to_cart shortcode attributes, due to insufficient input sanitization and output escaping in ectp_add_to_cart(). Specifically, sanitize_text_field() is applied to shortcod...

6.4CVSS6AI score0.00042EPSS

Exploits0References15

Positive Technologies•added 2 days ago•6 views

PT-2026-45707

The Easy Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'add to cart' shortcode in all versions up to and including 1.8. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. Specifically, the ectp add to cart...

6.4CVSS6AI score0.00042EPSS

Exploits0References16

Patchstack•added 3 days ago•8 views

WordPress Easy Cart plugin <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Easy Cart versions = 1.8...

6.4CVSS5.8AI score0.00042EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/02/01 12:15 p.m.•1 views

CVE-2021-47856

Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the search module's keyword parameter. Remote attackers can inject malicious script code through the search input to compromise user sessions and manipulate application content...

6.4CVSS5.9AI score0.00021EPSS

Exploits0References3Affected Software1

CVE•added 2026/02/01 12:15 p.m.•6 views

CVE-2021-47856

CVE-2021-47856 affects Easy Cart Shopping Cart 2021, with a non-persistent cross-site scripting flaw in the search module’s keyword parameter. The underlying issue is XSS in the search input that can expose or manipulate user sessions and content. A PoC exploit is indicated in connected data, but...

6.4CVSS5.9AI score0.00021EPSS

Exploits0References3

CNNVD•added 2026/02/01 12:0 a.m.•4 views

NetArt Media Easy Cart Shopping Cart 跨站脚本漏洞

NetArt Media Easy Cart Shopping Cart is a lightweight PHP e-commerce shopping system developed by NetArt Media in Bulgaria. The 2021 version of NetArt Media Easy Cart Shopping Cart contains a cross-site scripting vulnerability. This vulnerability stems from the non-persistent cross-site scripting...

6.4CVSS5.7AI score0.00021EPSS

Exploits0References3

Vulnerability Lab•added 2021/12/15 12:0 a.m.•164 views

Easy Cart Shopping Cart - (Search) Persistent Vulnerability

Document Title: =============== Easy Cart Shopping Cart - Search Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2298 Release Date: ============= 2021-12-15 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by