2 matches found
CVE-2024-36082
CVE-2024-36082 applies to Music Store – WordPress eCommerce. Affected versions are prior to 1.1.14. The vulnerability is an SQL Injection in the plugin’s admin-accessible context, allowing an authenticated attacker with Administrative privileges to execute arbitrary SQL commands, potentially read...
CVE-2016-10992
The issue tracked as CVE-2016-10992 affects the WordPress Music Store plugin prior to version 1.0.43. The vulnerability is an Cross-Site Scripting (XSS) flaw exposed through the admin page parameter wp-admin/admin.php?page=music-store-menu-reports_from_year, as documented across multiple sources ...