WordPress The E-Commerce ERP <= 2.1.1.3 - Privilege Escalation Vulnerability

Privilege Escalation Vulnerability discovered by ch4r0n in WordPress Plugin The E-Commerce ERP versions = 2.1.1.3...

WordPress plugin Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Spreadsheet Price...

CVE-2024-37297

WooCommerce is an open-source e-commerce platform built on WordPress. A vulnerability introduced in WooCommerce 8.8 allows for cross-site scripting. A bad actor can manipulate a link to include malicious HTML & JavaScript content. While the content is not saved to the database, the links may be...

PT-2025-4734 · Wp E Commerce · Wpecommerce Sell Digital Downloads

Name of the Vulnerable Software and Affected Versions: wpecommerce Sell Digital Downloads versions 2.2.7 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting. This allows for Stored XSS attacks...

WordPress Plugin Order Delivery Date for WP e-Commerce Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

WordPress Plugin Order Delivery Date for WP e-Commerce Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress e-Commerce Plugin <= 3.8.9 - SQL Injection

Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands. Solution Update the plugin...

WP e-Commerce Swipe <= 3.1.0 - Multiple XSS Issues

The last time it was checked the plugin was still affected and had been closed. PoC...

WordPress e-Commerce 3.8.5 Cross Site Scripting

Vulnerability ID: HTB23031 Reference: http://www.htbridge.ch/advisory/xssinwpecommerce.html Product: WP e-Commerce Vendor: Instinct Entertainment http://getshopped.org/ Vulnerable Version: 3.8.5 and probably prior Tested on: 3.8.5 Vendor Notification: 13 July 2011 Vulnerability Type: XSS Cross Si...