Design/Logic Flaw

The Sunshine Photo Cart: Free Client Galleries for Photographers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.24 via the 'invoice'. This makes it possible for unauthenticated attackers to extract sensitive data including customer...

WordPress Plugin Sunshine Photo Cart: Free Client Galleries for Photographers Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

CVE-2023-41796

Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Sunshine Photo Cart: Free Client Galleries for Photographers.This issue affects Sunshine Photo Cart: Free Client Galleries for Photographers: from n/a before 3.0.0...

CVE-2023-41796

The Sunshine Photo Cart plugin for WordPress (Sunshine Photo Cart: Free Client Galleries for Photographers) is affected by CVE-2023-41796. Affected versions are before 3.0.0 and the root cause is Insecure Direct Object References (IDOR) caused by authorization bypass via a user-controlled key, en...