Wordpress Simple Paypal Shopping Cart Security Vulnerabilities and Issues — Wordpress Simple Paypal Shopping Cart CVE List

Lucene search

Tipsandtricks-hqWordpress Simple Paypal Shopping Cart

3 matches found

CVE•added 2025/05/01 12:15 p.m.•48 views

CVE-2025-3889

The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 via the 'process_payment_data' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to change the...

5.3CVSS5.1AI score0.00058EPSS

CVE•added 2025/05/01 12:15 p.m.•45 views

CVE-2025-3890

The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_cart_button' shortcode in all versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS5.7AI score0.00043EPSS

CVE•added 2025/05/01 12:15 p.m.•44 views

CVE-2025-3874

The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 due to lack of randomization of a user controlled key. This makes it possible for unauthenticated attackers to access customer shopping carts and edi...

6.5CVSS6.3AI score0.00153EPSS