
313 matches found

CNNVD
added 2025/09/12 12:0 a.m. | 4 views

PHPGurukul Online Shopping Portal security vulnerability

Online Shopping Portal is an online store. It contains a cross-site scripting vulnerability that an attacker can exploit, caused by a failure to sanitize input to the quantity parameter when adding items to the shopping cart...

CVSS 6.1 | AI score 6.1 | EPSS 0.00213
Exploits: 1 | References: 2

CVE
added 2025/09/12 12:0 a.m. | 16 views

CVE-2025-52074

The CVE-2025-52074 entry concerns PHPGURUKUL Online Shopping Portal 2.1 with a Cross-Site Scripting (XSS) vulnerability in the quantity parameter used when adding a product to the cart. Root cause identified in the description is missing input sanitization for that parameter. The connected source...

CVSS 6.1 | AI score 5.8 | EPSS 0.00213
Exploits: 1 | References: 1 | Affected software: 1

Cvelist
added 2025/09/12 12:0 a.m. | 5 views

CVE-2025-52074

PHPGURUKUL Online Shopping Portal 2.1 is vulnerable to Cross Site Scripting (XSS) due to lack of input sanitization in the quantity parameter when adding a product to the cart...

EPSS 0.00213
Exploits: 1 | References: 1

Vulnrichment
added 2025/09/12 12:0 a.m. | 3 views

CVE-2025-52074

PHPGURUKUL Online Shopping Portal 2.1 is vulnerable to Cross Site Scripting (XSS) due to lack of input sanitization in the quantity parameter when adding a product to the cart...

AI score 5.8 | EPSS 0.00213
Exploits: 1 | References: 1

Positive Technologies
added 2025/09/12 12:0 a.m. | 4 views

PT-2025-37336

Name of the Vulnerable Software and Affected Versions: PHPGURUKUL Online Shopping Portal version 2.1
Description: PHPGURUKUL Online Shopping Portal version 2.1 is susceptible to Cross Site Scripting (XSS) due to insufficient input sanitization. The issue occurs in the quantity parameter when a...

CVSS 6.1 | AI score 5.8 | EPSS 0.00213
Exploits: 1 | References: 6

RedhatCVE
added 2025/09/11 4:26 p.m. | 5 views

CVE-2025-32689

Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay. This issue affects WP SmartPay: from n/a through <= 2.8.2...

CVSS 7.5 | AI score 5.9 | EPSS 0.00308
Exploits: 0 | References: 1

Tenable Nessus
added 2025/09/10 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-0414

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Validation of Specified Quantity in Input in Packagist dolibarr/dolibarr prior to 16.0. CVE-2022-0414 Note that Nessus relies on the presence of the...

CVSS 4.3 | AI score 5 | EPSS 0.01036
Exploits: 1 | References: 2

Tenable Nessus
added 2025/09/10 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2018-16809

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Dolibarr through 7.0.0. expensereport/card.php in the expense reports module allows SQL injection via the integer parameters qty and...

CVSS 9.8 | AI score 8.5 | EPSS 0.02239
Exploits: 1 | References: 2

NVD
added 2025/09/09 5:15 p.m. | 4 views

CVE-2025-32689

Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay. This issue affects WP SmartPay: from n/a through <= 2.8.2...

CVSS 7.5 | EPSS 0.00308
Exploits: 0 | References: 1

CVE
added 2025/09/09 4:25 p.m. | 13 views

CVE-2025-32689

CVE-2025-32689 affects the WordPress plugin “WP SmartPay” (ThemesGrove) up to version 2.7.13. The issue is an improper validation of the specified quantity in input, potentially enabling a price manipulation vulnerability. Public documents from multiple sources confirm the affected range and the...

CVSS 7.5 | AI score 5.9 | EPSS 0.00308
Exploits: 0 | References: 1

Cvelist
added 2025/09/09 4:25 p.m. | 11 views

CVE-2025-32689 WordPress Download Manager and Payment Form plugin <= 2.8.2 - Price Manipulation vulnerability

Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay. This issue affects WP SmartPay: from n/a through <= 2.8.2...

CVSS 7.5 | EPSS 0.00308
Exploits: 0 | References: 1

Vulnrichment
added 2025/09/09 4:25 p.m. | 3 views

CVE-2025-32689 WordPress Download Manager and Payment Form plugin <= 2.8.2 - Price Manipulation vulnerability

Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay. This issue affects WP SmartPay: from n/a through <= 2.8.2...

CVSS 7.5 | AI score 5.2 | EPSS 0.00308
Exploits: 0 | References: 1

Positive Technologies
added 2025/09/09 12:0 a.m. | 5 views

PT-2025-36757

Name of the Vulnerable Software and Affected Versions: WP SmartPay versions n/a through 2.7.13
Description: An improper validation of the specified quantity in input exists in ThemesGrove WP SmartPay.
Recommendations: Update WP SmartPay to a version later than 2.7.13...

CVSS 7.5 | AI score 6.4 | EPSS 0.00308
Exploits: 0 | References: 3

CNNVD
added 2025/09/09 12:0 a.m. | 2 views

WordPress plugin WP SmartPay security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS 7.5 | AI score 6.6 | EPSS 0.00308
Exploits: 0 | References: 1

NVD
added 2025/09/05 2:15 p.m. | 4 views

CVE-2025-58835

Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Bonus for Woo: from n/a through <= 7.6.6...

CVSS 5.3 | EPSS 0.00268
Exploits: 0 | References: 1

Cvelist
added 2025/09/05 1:45 p.m. | 11 views

CVE-2025-58835 WordPress Bonus for Woo plugin <= 7.6.6 - Other vulnerability Type vulnerability

Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Bonus for Woo: from n/a through <= 7.6.6...

CVSS 5.3 | EPSS 0.00268
Exploits: 0 | References: 1

Vulnrichment
added 2025/09/05 1:45 p.m. | 2 views

CVE-2025-58835 WordPress Bonus for Woo plugin <= 7.6.6 - Other vulnerability Type vulnerability

Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Bonus for Woo: from n/a through <= 7.6.6...

CVSS 5.3 | AI score 5.9 | EPSS 0.00268
Exploits: 0 | References: 1

Positive Technologies
added 2025/09/05 12:0 a.m. | 2 views

PT-2025-36174

Name of the Vulnerable Software and Affected Versions: Bonus for Woo versions n/a through 7.4.1
Description: An improper validation of the specified quantity in input exists in Bonus for Woo, potentially allowing access to functionality not properly constrained by Access Control Lists (ACLs)...

CVSS 5.3 | AI score 6.4 | EPSS 0.00268
Exploits: 0 | References: 3

RedhatCVE
added 2025/07/28 6:10 a.m. | 26 views

CVE-2025-8198

The MinimogWP – The High Converting eCommerce WordPress Theme theme for WordPress is vulnerable to price manipulation in all versions up to, and including, 3.9.0. This is due to an insufficient check on quantity values when changing quantities in the cart. This makes it possible for unauthenticat...

CVSS 7.5 | AI score 7.1 | EPSS 0.00323
Exploits: 0 | References: 1

NVD
added 2025/07/26 6:15 a.m. | 4 views

CVE-2025-8198

The MinimogWP – The High Converting eCommerce WordPress Theme theme for WordPress is vulnerable to price manipulation in all versions up to, and including, 3.9.0. This is due to an insufficient check on quantity values when changing quantities in the cart. This makes it possible for unauthenticat...

CVSS 7.5 | EPSS 0.00323
Exploits: 0 | References: 2