CVE-2025-30881

Missing Authorization vulnerability in themehunk Big Store big-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Big Store: from n/a through = 2.0.8...

CVE-2023-27431

CVE-2023-27431 is a CSRF flaw in the WordPress ThemeHunk Big Store theme (<= 1.9.3). The vulnerability affects the theme’s ability to perform privileged actions via cross-site requests, with a CVSS v3.1 base score of 8.8 (NVD) indicating high impact on confidentiality, integrity, and availabil...

WordPress Plugin Big Store Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

WordPress Big Store Theme <= 1.9.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Big Store Type Theme Vulnerable versions = 1.9.3 Fixed in 1.9.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-27431 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7ff26778242f Credits Dave Jong Patchstack...