Shopping Cart & Ecommerce Store Security Vulnerabilities and Issues — Shopping Cart & Ecommerce Store CVE List

Lucene search

WpeasycartShopping Cart & Ecommerce Store

3 matches found

CVE•added 2023/04/03 3:15 p.m.•55 views

CVE-2023-1124

The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.

7.2CVSS7.1AI score0.00293EPSS

CVE•added 2021/08/19 4:15 p.m.•38 views

CVE-2021-34645

The Shopping Cart & eCommerce Store WordPress plugin is vulnerable to Cross-Site Request Forgery via the save_currency_settings function found in the ~/admin/inc/wp_easycart_admin_initial_setup.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 5.1.0.

8.8CVSS8.7AI score0.00109EPSS

CVE•added 2024/08/20 2:15 a.m.•38 views

CVE-2024-7827

The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to boolean-based SQL Injection via the ‘model_number’ parameter in all versions up to, and including, 5.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

8.8CVSS8.7AI score0.00838EPSS