50 matches found
CVE-2026-57314
Unauthenticated Cross Site Scripting XSS in SureCart = 4.3.2 versions...
CVE-2026-57313
Subscriber Cross Site Scripting XSS in SureCart = 4.2.2 versions...
CVE-2026-57313 WordPress SureCart plugin <= 4.2.2 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in SureCart = 4.2.2 versions...
CVE-2026-57313
CVE-2026-57313 concerns a Subscriber XSS vulnerability in the WordPress plugin SureCart up to version 4.2.2 . The public records describe an XSS issue affecting subscribers, but do not provide concrete exploit scenarios, affected subcomponents, or a detailed root cause beyond the general class of...
CVE-2026-57314 WordPress SureCart plugin <= 4.3.2 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in SureCart = 4.3.2 versions...
EUVD-2026-39726
Subscriber Cross Site Scripting XSS in SureCart = 4.2.2 versions...
EUVD-2026-39727
Unauthenticated Cross Site Scripting XSS in SureCart = 4.3.2 versions...
CVE-2026-57314
CVE-2026-57314 affects the WordPress SureCart plugin ≤ 4.3.2 with an unauthenticated reflected XSS vulnerability. The impact per the records is LOW confidentiality/integrity/availability, high overall severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L). The root cause involves improper handl...
WordPress SureCart plugin <= 4.3.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin SureCart versions = 4.3.2...
CVE-2026-9065
SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...
CVE-2026-9065
SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...
CVE-2026-9065 Surecart - SQL Injection
SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...
CVE-2026-9065
SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...
CVE-2026-9065
SureCart
CVE-2026-9065 Surecart - SQL Injection
SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...
EUVD-2026-31072
SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...
WordPress plugin SureCart SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-42123
SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'model name', 'model id', 'integration id', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...
CVE-2026-39488
Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SureCart: from n/a through = 4.0.2...
EUVD-2026-20158
Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SureCart: from n/a through = 4.0.2...