Vulnerabilities > Inspireui

DATE CVE VULNERABILITY TITLE RISK
2023-06-23 CVE-2022-47614 SQL Injection vulnerability in Inspireui Mstore API
Unauth.
network
low complexity
inspireui CWE-89
7.5
7.5
2023-06-14 CVE-2023-3198 Unspecified vulnerability in Inspireui Mstore API
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_status_order_message function.
network
low complexity
inspireui
4.3
4.3
2023-06-14 CVE-2023-3200 Unspecified vulnerability in Inspireui Mstore API
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_message function.
network
low complexity
inspireui
4.3
4.3
2023-06-14 CVE-2023-3201 Unspecified vulnerability in Inspireui Mstore API
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_title function.
network
low complexity
inspireui
4.3
4.3
2023-06-14 CVE-2023-3203 Cross-Site Request Forgery (CSRF) vulnerability in Inspireui Mstore API
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_limit_product function.
network
low complexity
inspireui CWE-352
4.3
4.3
2023-06-07 CVE-2020-36713 Missing Authentication for Critical Function vulnerability in Inspireui Mstore API
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.1.5.
network
low complexity
inspireui CWE-306
critical
 9.8
9.8
2023-05-25 CVE-2023-2732 Unspecified vulnerability in Inspireui Mstore API
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.2.
network
low complexity
inspireui
critical
 9.8
9.8
2023-05-25 CVE-2023-2733 Unspecified vulnerability in Inspireui Mstore API
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.0.
network
low complexity
inspireui
critical
 9.8
9.8
2023-05-25 CVE-2023-2734 Unspecified vulnerability in Inspireui Mstore API
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.1.
network
low complexity
inspireui
critical
 9.8
9.8
2021-03-18 CVE-2021-24148 Improper Authentication vulnerability in Inspireui Mstore API
A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address.
network
low complexity
inspireui CWE-287
critical
 10.0
10