Lucene search

313 matches found

Vulnrichment
added 2025/07/26 5:45 a.m. · 4 views

CVE-2025-8198 MinimogWP – The High Converting eCommerce WordPress Theme <= 3.9.0 - Unauthenticated Price Manipulation

The MinimogWP – The High Converting eCommerce WordPress Theme theme for WordPress is vulnerable to price manipulation in all versions up to, and including, 3.9.0. This is due to an insufficient check on quantity values when changing quantities in the cart. This makes it possible for unauthenticat...

CVSS 7.5 · AI score 6.3 · EPSS 0.00323
Exploits: 0 · References: 2

CNNVD
added 2025/07/26 12:0 a.m. · 1 view

WordPress plugin MinimogWP security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS 7.5 · AI score 6.4 · EPSS 0.00323
Exploits: 0 · References: 3

Positive Technologies
added 2025/07/26 12:0 a.m. · 6 views

PT-2025-30960 · WordPress +1 · Minimogwp +1

Name of the Vulnerable Software and Affected Versions: MinimogWP – The High Converting eCommerce WordPress Theme versions prior to 3.9.1. Description: The MinimogWP – The High Converting eCommerce WordPress Theme for WordPress is susceptible to price manipulation due to an insufficient check on...

CVSS 7.5 · AI score 6.4 · EPSS 0.00323
Exploits: 0 · References: 6

OSV
added 2025/07/08 11:15 p.m. · 4 views

CVE-2025-7200

A vulnerability, which was classified as critical, was found in krishna9772 Pharmacy Management System up to a2efc8442931ec9308f3b4cf4778e5701153f4e5. Affected is an unknown function of the file quantityupd.php. The manipulation of the argument medname/medcat/exdate leads to sql injection. It is...

CVSS 9.8 · AI score 5.7 · EPSS 0.00375
Exploits: 1 · References: 4

CNNVD
added 2025/07/08 12:0 a.m. · 1 view

Pharmacy Management System injection vulnerability

Pharmacy Management System MPMS is a multilingual pharmacy management system by Mayuri K. Individual developer. Pharmacy Management System has an injection vulnerability that stems from SQL injection due to incorrect manipulation of the parameters medname/medcat/exdate in the file quantityupd.php...

CVSS 9.8 · AI score 6.9 · EPSS 0.00375
Exploits: 1 · References: 5

CNVD
added 2025/06/26 12:0 a.m. · 2 views

Online Shoe Store admin_running.php File SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that stems from improper handling of the parameter qty in the file /admin/adminrunning.php resulting in SQL injection. No details of the vulnerability are available at this time...

CVSS 9.8 · AI score 8.2 · EPSS 0.00394
Exploits: 1 · References: 1

CNNVD
added 2025/06/20 12:0 a.m. · 1 view

Code-Projects Online Shoe Store security vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that stems from improper handling of the parameter qty in the file /admin/adminrunning.php resulting in SQL injection. No details of the vulnerability are available at this time...

CVSS 9.8 · AI score 8 · EPSS 0.00394
Exploits: 1 · References: 1

RedhatCVE
added 2025/06/12 1:19 p.m. · 4 views

CVE-2025-49510

Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Min Max Step Quantity Limits Manager for WooCommerce product-quantity-for-woocommerce allows Cross Site Request Forgery. This issue affects Min Max Step Quantity Limits Manager for WooCommerce: from n/a through <= 5.1.0...

CVSS 4.3 · AI score 5.9 · EPSS 0.0015
Exploits: 0 · References: 1

NVD
added 2025/06/10 1:15 p.m. · 6 views

CVE-2025-49510

Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Min Max Step Quantity Limits Manager for WooCommerce product-quantity-for-woocommerce allows Cross Site Request Forgery. This issue affects Min Max Step Quantity Limits Manager for WooCommerce: from n/a through <= 5.1.0...

CVSS 4.3 · EPSS 0.0015
Exploits: 0 · References: 1

Vulnrichment
added 2025/06/10 12:36 p.m. · 11 views

CVE-2025-49510 WordPress Min Max Step Quantity Limits Manager for WooCommerce plugin <= 5.1.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Min Max Step Quantity Limits Manager for WooCommerce allows Cross Site Request Forgery. This issue affects Min Max Step Quantity Limits Manager for WooCommerce: from n/a through 5.1.0...

CVSS 4.3 · AI score 7.2 · EPSS 0.0015
Exploits: 0 · References: 1

CNNVD
added 2025/06/10 12:0 a.m. · 1 view

WordPress plugin Min Max Step Quantity Limits Manager for WooCommerce cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in t...

CVSS 4.3 · AI score 4.8 · EPSS 0.0015
Exploits: 0 · References: 2

Hacker One
added 2025/06/09 11:56 p.m. · 5 views

Mars: Order More Than Maximum Allowed Quantity

The business logic vulnerability allowed users to bypass the product quantity limits (1-20 items) through parameter manipulation. While the user interface enforced these limits, the necessary server-side validation was missing...

AI score 6.9
Exploits: 0

Snyk
added 2025/05/28 4:41 p.m. · 1 view

Improper Validation of Specified Quantity in Input

Overview: Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input via the page preview functionality. An attacker can access unpublished content and potentially expose sensitive information by exploiting predictable URLs without proper authorization...

CVSS 6.9 · AI score 6.7 · EPSS 0.00298
Exploits: 0 · References: 2

RedhatCVE
added 2025/05/23 9:22 a.m. · 3 views

CVE-2024-6128

A vulnerability, which was classified as problematic, has been found in spa-cartcms 1.9.0.6. This issue affects some unknown processing of the file /checkout of the component Checkout Page. The manipulation of the argument quantity with the input -10 leads to enforcement of behavioral workflow. T...

CVSS 6.9 · AI score 7.2 · EPSS 0.00537
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 8:32 a.m. · 6 views

CVE-2024-50968

A business logic vulnerability exists in the Add to Cart function of itsourcecode Agri-Trading Online Shopping System 1.0, which allows remote attackers to manipulate the quant parameter when adding a product to the cart. By setting the quantity value to -0, an attacker can exploit a flaw in the...

CVSS 7.5 · AI score 6.9 · EPSS 0.00839
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 4:41 a.m. · 14 views

CVE-2023-48768

Cross-Site Request Forgery (CSRF) vulnerability in CodeAstrology Team Quantity Plus Minus Button for WooCommerce by CodeAstrology. This issue affects Quantity Plus Minus Button for WooCommerce by CodeAstrology: from n/a through 1.1.9...

CVSS 8.8 · AI score 8 · EPSS 0.00288
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 5:24 p.m. · 4 views

CVE-2020-11007

In Shopizer before version 2.11.0, using API or Controller based versions negative quantity is not adequately validated hence creating incorrect shopping cart and order total. This vulnerability makes it possible to create a negative total in the shopping cart. This has been patched in version...

CVSS 6.5 · AI score 6.3 · EPSS 0.00852
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/09 3:25 p.m. · 5 views

CVE-2025-47451

Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Product Quantity Dropdown For Woocommerce product-quantity-dropdown-for-woocommerce allows Cross Site Request Forgery. This issue affects Product Quantity Dropdown For Woocommerce: from n/a through <= 1.2...

CVSS 4.3 · AI score 7.2 · EPSS 0.0014
Exploits: 0 · References: 1

NVD
added 2025/05/07 3:15 p.m. · 4 views

CVE-2025-47451

Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Product Quantity Dropdown For Woocommerce product-quantity-dropdown-for-woocommerce allows Cross Site Request Forgery. This issue affects Product Quantity Dropdown For Woocommerce: from n/a through <= 1.2...

CVSS 4.3 · EPSS 0.0014
Exploits: 0 · References: 1

CNNVD
added 2025/05/07 12:0 a.m. · 1 view

WordPress plugin Product Quantity Dropdown For Woocommerce cross-site request forgery vulnerability

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in WordPress plugin Product Quanti...

CVSS 4.3 · AI score 5.8 · EPSS 0.0014
Exploits: 0 · References: 1