Studiocart <= 2.9.0 - Cross-Site Scripting

The Studiocart plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if the...

WordPress Studiocart plugin <= 2.9.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin WordPress eCommerce Plugin – Studiocart versions = 2.9.0...

CVE-2024-14015 Studiocart <= 2.9.0 - Reflected XSS

The WordPress eCommerce Plugin WordPress plugin through 2.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-14015 Studiocart <= 2.9.0 - Reflected XSS

The WordPress eCommerce Plugin WordPress plugin through 2.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-14015

CVE-2024-14015 affects Studiocart (WordPress eCommerce Plugin) up to version 2.9.0, where insufficient sanitisation/escaping of a parameter leads to Reflected XSS in output. The vulnerability could target high-privilege users such as admins. Connected sources do not provide a confirmed fixed vers...

WordPress WordPress eCommerce Plugin – Studiocart Plugin < 2.5.20 is vulnerable to Cross Site Scripting (XSS)

Software WordPress eCommerce Plugin – Studiocart Type Plugin Vulnerable versions 2.5.20 Fixed in 2.5.20 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5eb1bf45cbd4 Credits Rafie...

WordPress WordPress eCommerce Plugin – Studiocart plugin < 2.3.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WordPress eCommerce Plugin – Studiocart plugin versions 2.3.1. Solution Update the WordPress WordPress eCommerce Plugin – Studiocart plugin to the latest available version at least 2.3.1...

WordPress WordPress eCommerce Plugin – Studiocart plugin < 2.3.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WordPress eCommerce Plugin – Studiocart plugin versions 2.3.1. Solution Update the WordPress WordPress eCommerce Plugin – Studiocart plugin to the latest available version at least 2.3.1...