WordPress Datalogics Ecommerce Delivery plugin < 2.6.60 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Datalogics Ecommerce Delivery versions 2.6.60...

WordPress plugin WP eCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-23650

The WP eCommerce WordPress plugin through 3.15.1 does not have CSRF check in place when deleting coupons, which could allow attackers to make a logged in admin remove them via a CSRF attack...

CVE-2026-22471 WordPress Secudeal Payments for Ecommerce plugin <= 1.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in maximsecudeal Secudeal Payments for Ecommerce secudeal-payments-for-ecommerce allows Object Injection.This issue affects Secudeal Payments for Ecommerce: from n/a through = 1.1...

CVE-2026-22471

CVE-2026-22471 concerns the WordPress plugin Secudeal Payments for Ecommerce (versions n/a through 1.1). The issue is a PHP Object Injection via deserialization of untrusted data in the plugin, as described in the CVE entry. Connected sources confirm this vulnerability exists in Secudeal Payments...

CVE-2026-22471 WordPress Secudeal Payments for Ecommerce plugin <= 1.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in maximsecudeal Secudeal Payments for Ecommerce secudeal-payments-for-ecommerce allows Object Injection.This issue affects Secudeal Payments for Ecommerce: from n/a through = 1.1...

WordPress plugin maximsecudeal Secudeal Payments for Ecommerce 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

WordPress Secudeal Payments for Ecommerce plugin <= 1.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Mrreee in WordPress Plugin Secudeal Payments for Ecommerce versions = 1.1...

WordPress WP eCommerce plugin <= 3.15.1 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability discovered by yiğit ibrahim sağlam in WordPress Plugin WP eCommerce versions = 3.15.1...

CVE-2026-1235

The WP eCommerce WordPress plugin through 3.15.1 unserializes user input via ajax actions, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...

WordPress plugin WP eCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

CVE-2024-14015

The WordPress eCommerce Plugin WordPress plugin through 2.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

EUVD-2024-55100

The WordPress eCommerce Plugin WordPress plugin through 2.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-14015

The WordPress eCommerce Plugin WordPress plugin through 2.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-14015

CVE-2024-14015 affects Studiocart (WordPress eCommerce Plugin) up to version 2.9.0, where insufficient sanitisation/escaping of a parameter leads to Reflected XSS in output. The vulnerability could target high-privilege users such as admins. Connected sources do not provide a confirmed fixed vers...

WordPress plugin eCommerce Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-47883

Name of the Vulnerable Software and Affected Versions WordPress eCommerce Plugin versions through 2.9.0 Description The WordPress eCommerce Plugin does not properly sanitize and escape a parameter before displaying it on a page. This can lead to a Reflected Cross-Site Scripting XSS issue,...

CVE-2025-60248 WordPress WPC Product Options for WooCommerce plugin <= 3.1.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WPClever WPC Product Options for WooCommerce wpc-product-options allows PHP Local File Inclusion.This issue affects WPC Product Options for WooCommerce: from n/a through = 3.1.3...

EUVD-2023-29028

Malicious code in bioql PyPI...

EUVD-2023-23718

Malicious code in bioql PyPI...