Vulnerabilities > Inspireui > Mstore API > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-13 | CVE-2024-8269 | Unspecified vulnerability in Inspireui Mstore API The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 4.15.3. | 6.5 |
| 2023-07-12 | CVE-2023-3199 | Unspecified vulnerability in Inspireui Mstore API The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_status_order_title function. | 4.3 |
| 2023-07-12 | CVE-2023-3202 | Unspecified vulnerability in Inspireui Mstore API The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_firebase_server_key function. | 4.3 |
| 2023-07-10 | CVE-2023-3131 | Unspecified vulnerability in Inspireui Mstore API The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both. | 4.3 |
| 2023-06-14 | CVE-2023-3198 | Unspecified vulnerability in Inspireui Mstore API The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_status_order_message function. | 4.3 |
| 2023-06-14 | CVE-2023-3200 | Unspecified vulnerability in Inspireui Mstore API The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_message function. | 4.3 |
| 2023-06-14 | CVE-2023-3201 | Unspecified vulnerability in Inspireui Mstore API The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_title function. | 4.3 |
| 2023-06-14 | CVE-2023-3203 | Cross-Site Request Forgery (CSRF) vulnerability in Inspireui Mstore API The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_limit_product function. | 4.3 |