Product Catalog Simple Security Vulnerabilities and Issues — Product Catalog Simple CVE List

ImplecodeProduct Catalog Simple

4 matches found

CVE•added 2025/02/28 7:3 a.m.•64 views

CVE-2025-1405

CVE-2025-1405 affects the WordPress plugin Product Catalog Simple (post-type-x). It is a stored XSS vulnerability via the plugin’s show_products shortcode in versions up to 1.7.11, caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires an ...

6.4CVSS5.7AI score0.00264EPSS

CVE•added 2023/12/29 2:51 p.m.•57 views

CVE-2023-51687

CVE-2023-51687 affects Product Catalog Simple (Post Type-X) for WordPress, with Exposure of Sensitive Information to an Unauthorized Actor via product CSV for versions up to 1.7.6. Connected sources indicate the issue has been patched in a later release; upgrade to a version later than 1.7.6 to r...

7.5CVSS7.8AI score0.0048EPSS

CVE•added 2023/04/07 2:48 p.m.•49 views

CVE-2023-29388

CVE-2023-29388 affects WordPress plugin Product Catalog Simple (post-type-x) version

7.1CVSS6.1AI score0.00382EPSS

CVE•added 2023/07/01 4:26 a.m.•34 views

CVE-2020-36743

The CVE-2020-36743 entry concerns the WordPress Product Catalog Simple plugin (versions up to and including 1.5.13). The root cause is missing or incorrect nonce validation in the implecode_save_products_meta() function, allowing unauthenticated attackers to update product metadata by misleading ...

4.3CVSS4.3AI score0.00345EPSS