CVE-2026-44826

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-add endpoint. Submitting a negative integer is accepted by the server and treated as a normal positi...

CVE-2024-44661

PHPGurukul Online Shopping Portal 2.0 is vulnerable to Cross Site Scripting XSS via the quantity parameter in my-cart.php...

EUVD-2025-29064

Malicious code in bioql PyPI...

PHPGurukul Online Shopping Portal 安全漏洞

Online Shopping Portal is an online store. A cross-site scripting vulnerability exists in Online Shopping Portal, which can be exploited by an attacker to cause a cross-site scripting attack, due to a failure to clean inputs to the quantity parameter when adding items to the shopping cart...

WordPress plugin MinimogWP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2025-30960 · WordPress +1 · Minimogwp +1

Name of the Vulnerable Software and Affected Versions: MinimogWP – The High Converting eCommerce WordPress Theme versions prior to 3.9.1 Description: The MinimogWP – The High Converting eCommerce WordPress Theme for WordPress is susceptible to price manipulation due to an insufficient check on...