5 matches found
WordPress WP eStore plugin < 8.5.5 - Reflected XSS in Category Editing vulnerability
Reflected XSS in Category Editing vulnerability discovered by Bob Matyas in WordPress Plugin WP eStore versions 8.5.5...
CVE-2020-10498
CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request...
CVE-2024-6076 WP eStore < 8.5.5 - Reflected XSS in Category Editing
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin...
CVE-2024-6076 WP eStore < 8.5.5 - Reflected XSS in Category Editing
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin...
CVE-2024-4530 Business Card <= 1.0.0 - Category Edit via CSRF
The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions such as editing card categories via CSRF attacks...