@ainsleydev/payload-helper (>=0.0.6 <=0.1.2), @davincicoding/payload-plugin-kit (=0.0.4) +9 more potentially affected by CVE-2026-25544 via @payloadcms/db-sqlite (>=3.0.0-beta.116 <=3.72.0)

@payloadcms/db-sqlite NPM version =3.0.0-beta.116, =0.0.6, =1.1.10, =1.2.0 - payload-smart-deletion =1.0.7 - simple-shop =1.0.0 Source cves: CVE-2026-25544 Source advisory: SNYK:JS-PAYLOADCMSDBSQLITE-15240188...

EUVD-2008-6992

Malware in sbrugna...

EUVD-2021-24793

Malware in sbrugna...

EUVD-2008-2563

Malware in sbrugna...

CVE-2024-1230

The SimpleShop plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.10.0. This is due to missing or incorrect nonce validation on the maybedisconnectsimpleshop function. This makes it possible for unauthenticated attackers to disconnect the site...

PT-2024-17533 · WordPress · Simpleshop

Name of the Vulnerable Software and Affected Versions: SimpleShop plugin for WordPress versions prior to 2.11 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the maybe disconnect simpleshop function. This allows unauthenticated...

WordPress SimpleShop plugin <= 2.10.2 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Francesco Carlucci in WordPress Plugin SimpleShop versions = 2.10.2...

CVE-2021-38340

The Wordpress Simple Shop WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the updaterow parameter found in the /includes/addproduct.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...

CVE-2021-38340

The Wordpress Simple Shop WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the updaterow parameter found in the /includes/addproduct.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...

Cross site scripting

The Wordpress Simple Shop WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the updaterow parameter found in the /includes/addproduct.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...

CVE-2021-38340 Wordpress Simple Shop <= 1.2 Reflected Cross-Site Scripting

The Wordpress Simple Shop WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the updaterow parameter found in the /includes/addproduct.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...

CVE-2021-38340

The WordPress Simple Shop plugin for WordPress (versions up to 1.2) is vulnerable to Reflected Cross-Site Scripting via the update_row parameter in the file ~/includes/add_product.php, allowing attackers to inject arbitrary scripts. Multiple connected documents corroborate this, stating the vulne...

CVE-2021-38340 Wordpress Simple Shop <= 1.2 Reflected Cross-Site Scripting

The Wordpress Simple Shop WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the updaterow parameter found in the /includes/addproduct.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A security vulnerability exists in the...

WordPress WordPress Simple Shop plugin <= 1.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress WordPress Simple Shop plugin versions = 1.2. Solution This plugin has been closed as of September 7, 2021 and is not available for download. This closure is temporary, pending a full review...

WordPress Simple Shop <= 1.2 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the updaterow parameter found in the /includes/addproduct.php file which allows attackers to inject arbitrary web scripts...

PHP Simple Shop <= 2.0 (abs_path) Remote File Inclusion Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV44$2006 ------------------------------------------------------------------------------ ECHOADV44$2006 PHP Simple Shop = 2.0 abspath Remote File Inclusion...

TurnkeyWebTools PHP Simple Shop 2.0 - Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19382/info PHP Simple Shop is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to execute arbitrary malicious PHP code in the context of the webserver process. This may facilitat...

Galore Simple Shop 3.1 - 'section' Parameter SQL Injection Vulnerability

No description provided by source...

Joomla Component simple shop 2.0 - SQL Injection Vulnerability

No description provided by source. joomla comsimpleshop SQL Injectionsection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl:comsimpleshop DORK 2 : allinurl: comsimpleshopsection EXPLOIT :...