Ultimate Product Catalog@4.2.11 Security Vulnerabilities and Issues — Ultimate Product Catalog@4.2.11 CVE List

Lucene search

EtoilewebdesignUltimate Product Catalog4.2.11

2 matches found

CVE•added 2017/08/02 5:29 a.m.•35 views

CVE-2017-12199

The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL injection with these wp-admin/admin-ajax.php POST actions: catalogue_update_order list-item, video_update_order video-item, image_update_order list-item, tag_group_update_order list_item, category_products_update_order category...

9.8CVSS9.9AI score0.01961EPSS

CVE•added 2017/08/02 5:29 a.m.•33 views

CVE-2017-12200

The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has XSS in the Add Product Manually component.

6.1CVSS6AI score0.00266EPSS