Vulnerabilities > Inspireui > Mstore API > 4.15.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-02 | CVE-2025-3438 | Improper Privilege Management vulnerability in Inspireui Mstore API The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to limited privilege escalation in all versions up to, and including, 4.17.4. | 7.3 |
| 2024-12-13 | CVE-2024-12042 | Unrestricted Upload of File with Dangerous Type vulnerability in Inspireui Mstore API The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the profile picture upload functionality in all versions up to, and including, 4.16.4 due to insufficient file type validation. | 5.4 |