59 matches found
CVE-2016-10992
The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports fromyear parameter...
EUVD-2005-3850
Malware in sbrugna...
EUVD-2007-3504
Malware in sbrugna...
EUVD-2016-1983
Malware in sbrugna...
EUVD-2025-3827
Malicious code in bioql PyPI...
CVE-2025-24626
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople Music Store music-store allows Reflected XSS.This issue affects Music Store: from n/a through = 1.1.19...
CVE-2025-24626
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople Music Store music-store allows Reflected XSS.This issue affects Music Store: from n/a through = 1.1.19...
CVE-2025-24626 WordPress Music Store – WordPress eCommerce Plugin <= 1.1.19 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople Music Store music-store allows Reflected XSS.This issue affects Music Store: from n/a through = 1.1.19...
CVE-2025-24626 WordPress Music Store – WordPress eCommerce Plugin <= 1.1.19 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople Music Store music-store allows Reflected XSS.This issue affects Music Store: from n/a through = 1.1.19...
CVE-2025-24626
CVE-2025-24626 refers to a WordPress Music Store plugin vulnerability (Music Store
WordPress plugin Music Store 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-5454 · Codepeople · Codepeople Music Store
Name of the Vulnerable Software and Affected Versions: CodePeople Music Store versions 1.1.19 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for reflected Cross-site Scripting XSS. This enables attackers to inject malicio...
WordPress Music Store – WordPress eCommerce Plugin <= 1.1.19 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Music Store versions = 1.1.19...
WordPress Music Store plugin <= 1.1.13 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Noriko Totsuka JPCERT/CC in WordPress Plugin Music Store versions = 1.1.13...
WordPress Plugin "Music Store - WordPress eCommerce" vulnerable to SQL injection
Overview WordPress Plugin "Music Store - WordPress eCommerce" provided by CodePeople contains an SQL injection vulnerability CWE-89. Daiki Sato of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
CVE-2024-36082
SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. Information stored in the database may be obtained or altered by the attacker...
CVE-2024-36082
SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. Information stored in the database may be obtained or altered by the attacker...
CVE-2024-36082
SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. Information stored in the database may be obtained or altered by the attacker...
CVE-2024-36082
SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. Information stored in the database may be obtained or altered by the attacker...
JVN#79213252: WordPress Plugin "Music Store - WordPress eCommerce" vulnerable to SQL injection
WordPress Plugin "Music Store - WordPress eCommerce" provided by CodePeople contains an SQL injection vulnerability CWE-89. Impact A user of the product with the administrator privilege may execute an arbitrary SQL command. Information stored in the database may be obtained or altered by the user...