This information is sourced from wpvulnerabilities.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
The WP eCommerce plugin for WordPress has a security vulnerability that allows hackers to inject additional code into the system through the 'cart_contents' parameter. This can lead to unauthorized a...
Read MoreThe WP eCommerce plugin for WordPress has a security issue that allows people to create posts without permission. This can be done by exploiting a function called check_for_saas_push(), which does no...
Read MoreA security vulnerability has been discovered in the e-Commerce Plugin 3.4 and earlier for Wordpress. This vulnerability allows malicious actors to upload a file with an executable extension to the web...
Read MoreThe WP eCommerce plugin for WordPress is vulnerable to unauthorized access in versions up to and including 3.8.14.3. This means that people who are not authorized can do things like export sensitive ...
Read MoreThe WP eCommerce plugin for WordPress is vulnerable to a type of hacking attack known as Reflected Cross-Site Scripting. This type of attack can allow unauthenticated attackers to inject malicious sc...
Read MoreThe WP e-Commerce plugin for WordPress contained a security flaw before version 3.8.7.6 that allowed malicious users to enter commands into the system which could give them access to sensitive informa...
Read MoreThe WP eCommerce plugin for WordPress has a security vulnerability that makes it possible for unauthenticated attackers to access sensitive information from the database. This vulnerability exists in...
Read MoreCross-site scripting (XSS) is a type of vulnerability which allows remote attackers to insert malicious code into a website. In this particular case
Read MoreThe WP eCommerce plugin for WordPress is vulnerable to a type of attack called SQL Injection. This is where a malicious user can add extra code to a query that can be used to gain access to sensitive...
Read MoreThe WordPress eCommerce plugin, up to and including version 3.8.9, has a vulnerability that allows unauthenticated attackers to execute scripts in a victim's browser. This is due to a lack of sanitiz...
Read More