Lucene search
K

50 matches found

NVD
NVD
added 5 days ago5 views

CVE-2026-57314

Unauthenticated Cross Site Scripting XSS in SureCart = 4.3.2 versions...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 5 days ago6 views

CVE-2026-57313

Subscriber Cross Site Scripting XSS in SureCart = 4.2.2 versions...

6.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-57313 WordPress SureCart plugin <= 4.2.2 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in SureCart = 4.2.2 versions...

6.5CVSS0.00211EPSS
Exploits0References1
CVE
CVE
added 5 days ago5 views

CVE-2026-57313

CVE-2026-57313 concerns a Subscriber XSS vulnerability in the WordPress plugin SureCart up to version 4.2.2 . The public records describe an XSS issue affecting subscribers, but do not provide concrete exploit scenarios, affected subcomponents, or a detailed root cause beyond the general class of...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-57314 WordPress SureCart plugin <= 4.3.2 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in SureCart = 4.3.2 versions...

7.1CVSS0.0018EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-39726

Subscriber Cross Site Scripting XSS in SureCart = 4.2.2 versions...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago4 views

EUVD-2026-39727

Unauthenticated Cross Site Scripting XSS in SureCart = 4.3.2 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 5 days ago10 views

CVE-2026-57314

CVE-2026-57314 affects the WordPress SureCart plugin ≤ 4.3.2 with an unauthenticated reflected XSS vulnerability. The impact per the records is LOW confidentiality/integrity/availability, high overall severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L). The root cause involves improper handl...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Patchstack
Patchstack
added 5 days ago5 views

WordPress SureCart plugin <= 4.3.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin SureCart versions = 4.3.2...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.7 views

CVE-2026-9065

SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...

9.3CVSS5.8AI score0.00338EPSS
Exploits0References1
NVD
NVD
added 2026/05/20 9:16 a.m.18 views

CVE-2026-9065

SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...

9.3CVSS0.00338EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/20 8:23 a.m.8 views

CVE-2026-9065 Surecart - SQL Injection

SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...

9.3CVSS6AI score0.00338EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 8:23 a.m.10 views

EUVD-2026-31072

SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...

9.3CVSS6AI score0.00338EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/20 8:23 a.m.14 views

CVE-2026-9065

SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...

9.3CVSS6AI score0.00338EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/20 8:23 a.m.42 views

CVE-2026-9065 Surecart - SQL Injection

SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...

9.3CVSS0.00338EPSS
Exploits0References1
CVE
CVE
added 2026/05/20 8:23 a.m.21 views

CVE-2026-9065

SureCart

9.3CVSS6AI score0.00338EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.13 views

PT-2026-42123

SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'model name', 'model id', 'integration id', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...

9.3CVSS6AI score0.00338EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

WordPress plugin SureCart SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.3CVSS5.9AI score0.00338EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/13 7:24 p.m.4 views

CVE-2026-39488

Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SureCart: from n/a through = 4.0.2...

6.5CVSS5.8AI score0.00184EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 9:31 a.m.2 views

EUVD-2026-20158

Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SureCart: from n/a through = 4.0.2...

5.9AI score0.00184EPSS
Exploits0References2
Rows per page
Query Builder