Lucene search
K

42 matches found

Cvelist
Cvelist
added 2025/11/16 6:2 a.m.12 views

CVE-2025-13239 Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution submit_checkout behavioral workflow

A security vulnerability has been detected in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution 5. Affected by this issue is some unknown functionality of the file /submitcheckout. Such manipulation of the argument ordertotalamount/carttotalamount leads to enforcement of...

5.3CVSS0.00276EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-9094

Malware in sbrugna...

9.8CVSS9.5AI score0.01161EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-0385

Malware in sbrugna...

7.5CVSS6.4AI score0.00993EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-27097

Malicious code in bioql PyPI...

3.3CVSS4AI score0.00483EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:28 a.m.5 views

CVE-2024-12128

The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘monthlysalescurrentyear’ parameter in all versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. This mak...

6.1CVSS6.3AI score0.00291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:55 a.m.6 views

CVE-2024-12253

The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'savesettings', 'exportcsv', and 'simpleecommcart-action' actions in all versions up to, and including, 3.1.2. This makes it...

5.4CVSS6.6AI score0.00257EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:59 a.m.8 views

CVE-2023-51533

Cross-Site Request Forgery CSRF vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart.This issue affects Ecwid Ecommerce Shopping Cart: from n/a through 6.12.4...

6.1CVSS5.6AI score0.00183EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:57 a.m.9 views

CVE-2023-6292

The Ecwid Ecommerce Shopping Cart WordPress plugin before 6.12.5 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

4.3CVSS6.7AI score0.00217EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/02/05 9:25 p.m.16 views

CVE-2022-2432

The Ecwid Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.10.23. This is due to missing or incorrect nonce validation on the ecwidupdatepluginparams function. This makes it possible for unauthenticated attackers to updat...

8.8CVSS6.3AI score0.00454EPSS
Exploits2References1
NVD
NVD
added 2024/12/07 10:15 a.m.10 views

CVE-2024-12128

The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘monthlysalescurrentyear’ parameter in all versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. This mak...

6.1CVSS0.00291EPSS
Exploits0References2
CVE
CVE
added 2024/12/07 9:26 a.m.56 views

CVE-2024-12253

CVE-2024-12253 concerns the WordPress plugin “Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal” (versions up to 3.1.2). The issue is a missing capability check on actions including ‘save_settings’, ‘export_csv’, and ‘simpleecommcart-action’, which allows an attacker with subscr...

5.4CVSS5.3AI score0.00257EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/07 9:26 a.m.9 views

CVE-2024-12253 Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal <= 3.1.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update / Data Access

The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'savesettings', 'exportcsv', and 'simpleecommcart-action' actions in all versions up to, and including, 3.1.2. This makes it...

5.4CVSS6.6AI score0.00257EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/07 9:26 a.m.17 views

CVE-2024-12253 Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal <= 3.1.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update / Data Access

The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'savesettings', 'exportcsv', and 'simpleecommcart-action' actions in all versions up to, and including, 3.1.2. This makes it...

5.4CVSS0.00257EPSS
Exploits0References2
NVD
NVD
added 2024/03/03 12:15 a.m.16 views

CVE-2024-2133

A vulnerability, which was classified as problematic, was found in Bdtask Isshue Multi Store eCommerce Shopping Cart Solution 4.0. This affects an unknown part of the file /dashboard/Cinvoice/manageinvoice of the component Manage Sale Page. The manipulation of the argument Title leads to cross si...

3.3CVSS3.4AI score0.00483EPSS
Exploits0References3
Prion
Prion
added 2024/03/03 12:15 a.m.13 views

Cross site scripting

A vulnerability, which was classified as problematic, was found in Bdtask Isshue Multi Store eCommerce Shopping Cart Solution 4.0. This affects an unknown part of the file /dashboard/Cinvoice/manageinvoice of the component Manage Sale Page. The manipulation of the argument Title leads to cross si...

3.3CVSS6.4AI score0.00483EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/02 11:31 p.m.11 views

CVE-2024-2133 Bdtask Isshue Multi Store eCommerce Shopping Cart Solution Manage Sale Page manage_invoice cross site scripting

A vulnerability, which was classified as problematic, was found in Bdtask Isshue Multi Store eCommerce Shopping Cart Solution 4.0. This affects an unknown part of the file /dashboard/Cinvoice/manageinvoice of the component Manage Sale Page. The manipulation of the argument Title leads to cross si...

3.3CVSS6.2AI score0.00483EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/03/02 12:0 a.m.4 views

PT-2024-18856 · Unknown · Bdtask Isshue Multi Store Ecommerce Shopping Cart Solution

Name of the Vulnerable Software and Affected Versions: Bdtask Isshue Multi Store eCommerce Shopping Cart Solution version 4.0 Description: A problematic issue was found in the Manage Sale Page component, specifically affecting the /dashboard/Cinvoice/manage invoice file. The manipulation of the...

3.3CVSS3.9AI score0.00483EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/01/16 12:0 a.m.4 views

PT-2024-14926 · WordPress · Ecwid Ecommerce Shopping Cart

Name of the Vulnerable Software and Affected Versions: Ecwid Ecommerce Shopping Cart WordPress plugin versions prior to 6.12.5 Description: The issue is related to the lack of a CSRF check when updating settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...

4.3CVSS4.4AI score0.00217EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2023/05/08 12:0 a.m.8 views

PT-2023-19569 · Ecwid · Ecwid Ecommerce Shopping Cart

Name of the Vulnerable Software and Affected Versions: Ecwid Ecommerce Shopping Cart plugin versions = 6.11.4 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability requires authentication and affects users with contributor or higher permissions...

6.5CVSS5.5AI score0.00387EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/05/08 12:0 a.m.7 views

Wordpress plugin Ecommerce Shopping Cart 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.5CVSS6.4AI score0.00387EPSS
Exploits0References2
Rows per page
Query Builder