Vulnerabilities > Eshop Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-06 | CVE-2013-10008 | Unspecified vulnerability in Eshop Project Eshop A vulnerability was found in sheilazpy eShop. | 9.8 |
2019-09-26 | CVE-2015-9413 | Cross-Site Request Forgery (CSRF) vulnerability in Eshop Project Eshop The eshop plugin through 6.3.13 for WordPress has CSRF with resultant XSS via the wp-admin/admin.php?page=eshop-downloads.php title parameter. | 6.5 |
2017-07-21 | CVE-2015-3421 | Cross-site Scripting vulnerability in Eshop Project Eshop The eshop_checkout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and earlier does not validate variables in the "eshopcart" HTTP cookie, which allows remote attackers to perform cross-site scripting (XSS) attacks, or a path disclosure attack via crafted variables named after target PHP variables. | 6.1 |