Vulnerabilities > Inspireui > Mstore API > 3.9.3

DATE CVE VULNERABILITY TITLE RISK
2023-06-23 CVE-2022-47614 SQL Injection vulnerability in Inspireui Mstore API
Unauth.
network
low complexity
inspireui CWE-89
7.5
7.5
2023-06-14 CVE-2023-3198 Unspecified vulnerability in Inspireui Mstore API
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_status_order_message function.
network
low complexity
inspireui
4.3
4.3
2023-06-14 CVE-2023-3200 Unspecified vulnerability in Inspireui Mstore API
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_message function.
network
low complexity
inspireui
4.3
4.3
2023-06-14 CVE-2023-3201 Unspecified vulnerability in Inspireui Mstore API
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_title function.
network
low complexity
inspireui
4.3
4.3
2023-06-14 CVE-2023-3203 Cross-Site Request Forgery (CSRF) vulnerability in Inspireui Mstore API
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_limit_product function.
network
low complexity
inspireui CWE-352
4.3
4.3