Vulnerabilities > Thecartpress

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-02	CVE-2024-5938	Cross-site Scripting vulnerability in Thecartpress Boot Store 1.6.4 The Boot Store theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ parameter within the theme's Button shortcode in all versions up to, and including, 1.6.4 due to insufficient input sanitization and output escaping. network low complexity thecartpress CWE-79	5.4
2017-12-29	CVE-2015-3302	Improper Access Control vulnerability in Thecartpress Ecommerce Shopping Cart The TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to obtain sensitive order detail information by leveraging a "broken authentication mechanism." network low complexity thecartpress CWE-284	7.5

Vulnerabilities > Thecartpress {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Thecartpress"}]}