Vulnerabilities > Inspireui > Mstore API > 3.9.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-10 | CVE-2023-3209 | Unspecified vulnerability in Inspireui Mstore API The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both. | 3.5 |
| 2023-06-23 | CVE-2022-47614 | Unspecified vulnerability in Inspireui Mstore API Unauth. | 7.5 |
| 2023-06-14 | CVE-2023-3198 | Unspecified vulnerability in Inspireui Mstore API The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_status_order_message function. | 4.3 |
| 2023-06-14 | CVE-2023-3200 | Unspecified vulnerability in Inspireui Mstore API The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_message function. | 4.3 |
| 2023-06-14 | CVE-2023-3201 | Unspecified vulnerability in Inspireui Mstore API The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_title function. | 4.3 |
| 2023-06-14 | CVE-2023-3203 | Cross-Site Request Forgery (CSRF) vulnerability in Inspireui Mstore API The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_limit_product function. | 4.3 |