Vulnerabilities > Codepeople > Music Store > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-07 | CVE-2024-36082 | SQL Injection vulnerability in Codepeople Music Store SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. | 6.5 |
| 2019-09-17 | CVE-2016-10992 | Cross-site Scripting vulnerability in Codepeople Music Store The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports from_year parameter. | 4.3 |